Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (83)
EC Keys (2461)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6619)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5332)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "req" - "prompt=yes" Mode
How to use the "prompt=yes" mode of the OpenSSL "req -new" command? I want to enter DN values at the command prompt.
✍: FYIcenter.com
You can use "prompt=yes" mode of the OpenSSL "req -new" command as shown below, if you set "prompt=yes" and provide DN (Distinguished Name) field prompts in the configuration file.
C:\Users\fyicenter>type test.cnf # unnamed section of generic options default_md = md5 # default section for "req" command options [req] input_password = fyicenter prompt = yes distinguished_name = my_req_dn_prompt [my_req_dn_prompt] commonName = Common Name countryName = Country Name stateOrProvinceName = State localityName = City organizationName = Organization organizationalUnitName = Department emailAddress = Email C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -new -key rsa_test.key -out test.csr -config test.cnf You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Common Name []:FYIcenter.com CA Country Name []:US State []:NY City []:New York Organization []:FYIcenter.com Department []:IT Email []:ca@fyicenter.com OpenSSL> req -in test.csr -text -noout Certificate Request:s Data: Version: 0 (0x0) Subject: CN=FYIcenter.com CA, C=US, ST=NY, L=New York, O=FYI Center, OU=IT /emailAddress=ca@fyicenter.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) ...
As you can see from the output, the "req -new" command executed correctly in the "prompt=yes" mode. distinguished_name section options are used as DN field prompts.
⇒ OpenSSL "req" - "prompt=yes" Mode with DN Validations
2016-10-30, 5314🔥, 0💬
Popular Posts:
What is samltool Certificate Fingerprint Calculator? samltool Certificate Fingerprint Calculator is ...
Archived certificates are certificates that have expired or have been renewed. In many cases, it is ...
How to convert a certificate file in DER (Distinguished Encoding Rules) format to PEM (Privacy Enhan...
Certificate summary - Owner: *.bing.com Issuer: MSIT Machine Auth CA 2, Dredmond, Dcorp, Dmicrosoft,...
How to view general information of a certificate in Firefox? I want to know when is the expiration o...