1

I am using the following command to create a certificate request: 

openssl req -config openssl.cnf -new -out [filename].csr -passout pass:[password]

The openssl.cnf file is in the directory that I run the command from.
The problem is that I am still prompted to submit the values for country, state, locality, etc.
I want to do this programmatically, without someone having to step in and type these values. Shouldn't openssl.cnf provide the default values to be used? Am I missing an argument or something?

Improve this question
1
  • Use openssl version -a | grep OPENSSLDIR to see which configuration file OpenSSL is using. More correclty, its using openssl.cnf, but the question is where its coming from. In all setup's I am aware, OpenSSL apps never looks in PWD. You have to set PWD in an environmental variable OPENSSL_CONF, or you have to provide PWD as a -config option. Commented May 5, 2016 at 6:00

1 Answer 1

Reset to default
1

In your case the correct syntax would be: 

openssl req -batch -config openssl.cnf -new -out [filename].csr -passout pass:[password]

A 2048b RSA private key will be generated at the same time in 'privkey.pem'.
If you prefer creating a request for a pre-existing key, add option : 

-key [keyfile]
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Hey, thanks... I managed to do it using an input file. The syntax is this: openssl req -config openssl.cnf -new -out [filename].csr -passout pass:[password] < "install_ssl1.in"

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.