Hi all, I just starting to play around with OpenSSL and want to create a private CA. If I put all of the required information into the openssl.cnf and request a certificate with the following command openssl req \ -config ./openssl.cnf \ -newkey rsa \ -subj /CN=CA.klein.homenet \ -out requests/ca.req.pem \ -keyout private/ca.key.pem the key and request files are created. If I then sign the request with the following command openssl ca \ -selfsign \ -config ./openssl.cnf \ -create_serial \ -in requests/ca.req.pem \ -keyfile private/ca.key.pem \ -extensions v3_ca \ -out certs/ca.cert.pem I'm prompted for the pass phrase of the key file, despite that the input_password is set within the openssl.cnf Is this a bug or behavior by design? Cheers, Klaus
