Categories:
DH Keys (39)
DSA Keys (73)
EC Keys (340)
Firefox (32)
General (13)
Google Chrome (25)
Intermediate CA (152)
Java VM (20)
JDK Keytool (25)
Microsoft CertUtil (26)
Mozilla CertUtil (18)
OpenSSL (237)
Other (17)
Portecle (38)
Publishers (1872)
Revoked Certificates (30)
Root CA (87)
RSA Keys (2196)
Tools (47)
Tutorial (7)
What Is (21)
Windows (129)
Collections:
Other Resources:
OpenSSL "req" - distinguished_name Configuration Section
What is the distinguished_name section in the OpenSSL configuration file?
✍: FYIcenter.com
The distinguished_name section in the OpenSSL configuration file
is a required section of options when using OpenSSL "req -new" or "req -newkey"
commands to generate a new CSR or self-signed certificate.
distinguished_name sections provides options to control the behavior of the following two groups of DN (Distinguished Name) fields.
1. Standard DN fields:
2. Additional DN fields:
There are 2 modes to use when writing distinguished_name section in the configuration file:
1. "prompt=no" mode - This mode tells OpenSSL to not prompt user for distinguished name fields. It will read distinguished_name section as values for DN fields, instead of field prompting labels.
For example: "countryName=US" tells OpenSSL to use "US" as the countryName value.
2. "prompt=yes" mode - This mode tells OpenSSL to prompt user for distinguished name fields. It will read distinguished_name section as prompting labels for DN fields, instead of field values.
For example: "countryName=Country ISO2 Code" tells OpenSSL to use "Country ISO2 Code []:" to prompt the user to enter the countryName value.
⇒ OpenSSL "req" - "prompt=no" Mode
2016-11-02, 8200👍, 0💬
Popular Posts:
How to validate a certificate saved in a certificate file with Microsoft "certutil" tool? If you wan...
How to get a list of extended options supported by the "makecert.exe" command? I want to know more o...
Certificate summary - Owner: reg.163.com, Terms of use at www.verisign.com/rpa (c)05, Technical Gene...
What is Java Keytool? I heard that Java Keytool is nice tool to generate keys and manage certificate...
Certificate Summary: Subject: signin.ebay.com Issuer: VeriSign Class 3 Extended Validation SSL CA Ex...