Steve, the other reason I've been forced to move from x509 to ca is that ca appears to be the ONLY binary program that can sign SPKAC files. Is there another way to do this that I have missed?
Dr. Stephen Henson wrote:
On Fri, Jun 06, 2003, pablo neira wrote:
Dr. Stephen Henson wrote:
On Fri, Jun 06, 2003, Kwan Hon Luen wrote:
Hi,
How do I automate the signing of server certificate by a CA ? without the following prompt:
(1) "Enter PEM pass phrase:" (2) "Sign the certificate?" (3) "commit?"
Use the 'x509' utility instead, passphrase can be entered via -passin there are no other prompts.
but this way you don't keep the index.txt file the all valid certificates generated, so it seems there's no way to automate the process by using the 'ca' utility, am I right?
Well if you need 'ca' you can try the -batch option.
Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
-- Charles B (Ben) Cranston mailto: [EMAIL PROTECTED] http://www.wam.umd.edu/~zben
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
