Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (871)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3115)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2509)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "req" - distinguished_name Configuration Section
What is the distinguished_name section in the OpenSSL configuration file?
✍: FYIcenter.com
The distinguished_name section in the OpenSSL configuration file
is a required section of options when using OpenSSL "req -new" or "req -newkey"
commands to generate a new CSR or self-signed certificate.
distinguished_name sections provides options to control the behavior of the following two groups of DN (Distinguished Name) fields.
1. Standard DN fields:
2. Additional DN fields:
There are 2 modes to use when writing distinguished_name section in the configuration file:
1. "prompt=no" mode - This mode tells OpenSSL to not prompt user for distinguished name fields. It will read distinguished_name section as values for DN fields, instead of field prompting labels.
For example: "countryName=US" tells OpenSSL to use "US" as the countryName value.
2. "prompt=yes" mode - This mode tells OpenSSL to prompt user for distinguished name fields. It will read distinguished_name section as prompting labels for DN fields, instead of field values.
For example: "countryName=Country ISO2 Code" tells OpenSSL to use "Country ISO2 Code []:" to prompt the user to enter the countryName value.
⇒ OpenSSL "req" - "prompt=no" Mode
2016-11-02, 18901👍, 0💬
Popular Posts:
Certificate Summary: Subject: GeoTrust Universal CA Issuer: GeoTrust Universal CA Expiration: 2029-0...
Certificate Summary: Subject: Go Daddy Secure Certificate Authority - G2 Issuer: Go Daddy Root Certi...
Certificate summary - Owner: *.wordpress.com, Domain Control Validated, *.wordpress.com Issuer: SERI...
How to decode an X.509 certificate and view its content? To help you to decode X.509 certificate and...
Certificate summary - Owner: www.gmx.net, GMX, 1&1 Mail & Media GmbH, L=Montabaur, ST=Rhinel...