Collections:
Other Resources:
OpenSSL "req" - "prompt=no" Mode
How to use the "prompt=no" mode of the OpenSSL "req -new" command? I want to specify DN field values directly in the configuration file.
✍: FYIcenter.com
You can use "prompt=no" mode of the OpenSSL "req -new" command as shown below, if you set "prompt=no" and provide DN (Distinguished Name) field values in the configuration file.
C:\Users\fyicenter>type test.cnf # unnamed section of generic options default_md = md5 # default section for "req" command options [req] input_password = fyicenter prompt = no distinguished_name = my_req_dn_no_prompt [my_req_dn_no_prompt] commonName = FYIcenter.com CA countryName = US stateOrProvinceName = NY localityName = New York organizationName = FYI Center organizationalUnitName = IT emailAddress = ca@fyicenter.com C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -new -key rsa_test.key -out test.csr -config test.cnf OpenSSL> req -in test.csr -text -noout Certificate Request: Data: Version: 0 (0x0) Subject: CN=FYIcenter.com CA, C=US, ST=NY, L=New York, O=FYI Center, OU=IT /emailAddress=ca@fyicenter.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) ...
As you can see from the output, the "req -new" command executed correctly in the "prompt=no" mode. distinguished_name section options are used as DN filed values.
⇒ OpenSSL "req" - "prompt=yes" Mode
2016-11-02, 13523🔥, 0💬
Popular Posts:
How to clone a keystore key pair entry with Portecle? To clone (make an exact copy of) a keystore ke...
Certificate summary - Owner: www.dhs.gov, U.S. Department of Homeland Security, L=Washington, ST=Dis...
Certificate summary - Owner: www.pandora.com, Terms of use at www.verisign.com/rpa (c)05, "Pandora M...
Certificate summary - Owner: arstechnica.com, Domain Control Validated, arstechnica.com Issuer: SERI...
How to generate a new DSA key pair with a shorter key size using OpenSSL "gendsa" command? If you ne...