Correct me if I'm wrong, but your script uses x509 command. I was asking if it is possible to do this using the "ca" command. On Thu, Jan 14, 2016 at 2:28 PM, Viktor Dukhovni <openssl-users at dukhovni.org > wrote: > On Thu, Jan 14, 2016 at 01:08:02PM +0000, Gareth Williams wrote: > > > On Thursday 14 January 2016 10:59:01 Mauro Romano Trajber wrote: > > > Could you send me the ca command line? There's any way to run it > without > > > creating a .cnf - using only <(print notation? > > > > To be honest, I don't know whether you could run it purely from the > command > > line without a config file as there are many configuration options > needed to > > operate openssl as a CA. Saying that, defaults values may work for many > of > > those. > > That's what the script I posted does, it bypasses all the bagage > of .cnf files and a stateful CA, by constructing miniature ".cnf" > files on the fly via <(printf ....). So yes, this can be done. > > -- > Viktor. > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160114/9029fc56/attachment.html>
