Re: scripting creating a cert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 03/10/2017 01:10 AM, openssl-users-request@xxxxxxxxxxx digested:
> Thing is that this then prompts for a number of fields:
[...]
> Is there some 'simple' way to provide these answers?  Like with env 
> variables?

Yes, and as others have already pointed out, there's also the
possibility of command line parameters given to OpenSSL.

A publicly available set of scripts that makes heavy use of the env var
method and might serve as an example would be easyRSA (here, version 3):

> # grep EASYRSA_REQ_ openssl-1.0.cnf 
> commonName_default      = $ENV::EASYRSA_REQ_CN
> countryName_default             = $ENV::EASYRSA_REQ_COUNTRY
> stateOrProvinceName_default     = $ENV::EASYRSA_REQ_PROVINCE
> localityName_default            = $ENV::EASYRSA_REQ_CITY
> 0.organizationName_default      = $ENV::EASYRSA_REQ_ORG
> organizationalUnitName_default  = $ENV::EASYRSA_REQ_OU
> commonName_default              = $ENV::EASYRSA_REQ_CN
> emailAddress_default            = $ENV::EASYRSA_REQ_EMAIL

> # grep EASYRSA_REQ_ easyrsa | grep -v ';;'
>         [ $EASYRSA_BATCH ] && opts="$opts -batch" || export EASYRSA_REQ_CN="Easy-RSA CA"
>         [ ! $EASYRSA_BATCH ] && EASYRSA_REQ_CN="$1"
>         EASYRSA_REQ_CN="$name"
>         set_var EASYRSA_REQ_COUNTRY     "US"
>         set_var EASYRSA_REQ_PROVINCE    "California"
>         set_var EASYRSA_REQ_CITY        "San Francisco"
>         set_var EASYRSA_REQ_ORG         "Copyleft Certificate Co"
>         set_var EASYRSA_REQ_EMAIL       me@xxxxxxxxxxx
>         set_var EASYRSA_REQ_OU          "My Organizational Unit"
>         set_var EASYRSA_REQ_CN          ChangeMe

https://github.com/OpenVPN/easy-rsa

Kind regards,
-- 
Jochen Bern
Systemingenieur

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux