Robert Moskowitz wrote: > On 08/11/2017 02:47 PM, Dr. Stephen Henson wrote: >> On Fri, Aug 11, 2017, Robert Moskowitz wrote: >> >>> I would want the 'openssl req' command to prompt for hwType and >>> hsSerialNum. At least for now. >>> >> Note that you can't get the 'openssl req' command prompt for this but you can >> generate the extension in an appropriate syntax: see my other message for >> details. >> >> You could prompt externally and pass the values as environment variables to >> openssl req of constuct the whole config file on the fly. > > Sigh. > > Making some headway. Figured out you cannot have an alternative [ req ] section in the > config; no way to specify it. Thus a completely separate config_8021AR to specify a > different distinguishedname set of fields. Got that, now to get started on SAN. Will > read your previous message. Maybe you should look at the following CLI options for "openssl req": -subj arg set or modify request subject [..] -extensions .. specify certificate extension section (override value in config file) -reqexts .. specify request extension section (override value in config file) Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
