Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (71)
EC Keys (2148)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6110)
Revoked Certificates (16)
Root CA (85)
RSA Keys (4988)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "req" Command Options
What can I use OpenSSL "req" command for? What are options supported by the "req" command?
✍: FYIcenter.com
OpenSSL "req" command is a certificate request and certificate generating utility.
It can be used to generate Certificate Signing Request (CSR) and sign CSR.
Here are options supported by the "req" command:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -help unknown option -help req [options] <infile >outfile where options are -inform arg input format - DER or PEM -outform arg output format - DER or PEM -in arg input file -out arg output file -text text form of request -pubkey output public key -noout do not output REQ -verify verify signature on REQ -modulus RSA modulus -nodes don't encrypt the output key -engine e use engine e, possibly a hardware device -subject output the request's subject -passin private key password source -key file use the private key contained in file -keyform arg key file format -keyout arg file to send the key to -rand file;file;... load the file (or the files in the directory) into the random number generator -newkey rsa:bits generate a new RSA key of 'bits' in size -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file' -newkey ec:file generate a new EC key, parameters taken from CA in 'file' -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4) -config file request template file. -subj arg set or modify request subject -multivalue-rdn enable support for multivalued RDNs -new new request. -batch do not ask anything during request generation -x509 output a x509 structure instead of a cert. req. -days number of days a certificate generated by -x509 is valid for. -set_serial serial number to use for a certificate generated by -x509. -newhdr output "NEW" in the header lines -asn1-kludge Output the 'request' in a format that is wrong but some CA's have been reported as requiring -extensions .. specify certificate extension section (override value in config file) -reqexts .. specify request extension section (override value in config file) -utf8 input characters are UTF8 (default ASCII) -nameopt arg - various certificate name options -reqopt arg - various request text options error in req
2023-04-05, 10551👍, 1💬
Popular Posts:
Where to find answers to frequently asked questions on CRL (Certificate Revocation List)? Here is a ...
How to create a test certificate for myself and put it into "My - Personal" system certificate store...
Certificate summary - Owner: ssl.cdngc.net, CDNetworks Inc., L=San Jose, ST=California, US Issuer: D...
Where to find answers to frequently asked questions on Portecle Certificate Tool? Here is a list of ...
How to see the signing chain of a server certificate in IE? I want to know the root CA who signs the...