OpenSSL 未签名证书静默 [英] OpenSSL unsigned certs silently
本文介绍了OpenSSL 未签名证书静默的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
遇到了这个问题——还有其他一些相关的帖子,但没有那么具体.我正在尝试为开发机器默默地生成证书.这些是我最初运行的命令,但被要求输入密码:
Having trouble with this -- a couple of other related posts out there, but nothing so specific. I'm trying to silently generate certs for a dev machine. These are the commands I originally ran, but was asked for a passphrase:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
下面的第一个命令有效,但第二个命令不太有效.我看到了 passin 选项,但遇到了问题,因为我仍然被要求输入密码.
The first command below works, but the second doesn't quite work. I see the passin option, but am having trouble, as I'm still getting asked for a passphrase.
openssl genrsa -des3 -passout pass:$passphrase -out server.key 1024
openssl req -passout pass:$passphrase -new -key server.key -out server.csr
openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
推荐答案
$ openssl genrsa -out server.key 1024
$ touch openssl.cnf
$ cat >> openssl.cnf <<EOF
[ req ]
prompt = no
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
C = GB
ST = Test State
L = Test Locality
O = Org Name
OU = Org Unit Name
CN = Common Name
emailAddress = test@email.com
EOF
$ openssl req -config openssl.cnf -new -key server.key -out server.csr
$ openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
这篇关于OpenSSL 未签名证书静默的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
