You could try something like: echo [ req ] > abc\abc_csr.conf echo distinguished_name=req_distinguished_name >> abc\abc_csr.conf echo req_extensions = v3_req >> abc\abc_csr.conf echo prompt=no >> abc\abc_csr.conf echo [ req_distinguished_name ] >> abc\abc_csr.conf echo C=AU >> abc\abc_csr.conf echo ST=New South Wales >> abc\abc_csr.conf echo L=Sydney >> abc\abc_csr.conf echo O=Doddgy Brothers Very Limited >> abc\abc_csr.conf echo OU=Security Division >> abc\abc_csr.conf echo [EMAIL PROTECTED] >> abc\abc_csr.conf echo [EMAIL PROTECTED] >> abc\abc_csr.conf echo [ v3_req ] >> abc\abc_csr.conf echo basicConstraints = critical,CA:FALSE >> abc\abc_csr.conf echo keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement >> abc\abc_csr.conf echo extendedKeyUsage=emailProtection,clientAuth >> abc\abc_csr.conf
.\bin\openssl req -outform PEM -out abc\abc.pem.csr -key abc\abc.pem.private.key -keyform PEM -sha1 -days 700 -new -config abc\abc_csr.conf -passin pass:somepassphrase Cheers -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kwan Hon Luen Sent: Tuesday, June 03, 2003 5:31 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Automating Openssl commands Hi , Thanks. How do I automate the creation of certificate as well by supplying the following attributes? countryName stateOrProvinceName localityName organizationName organizationalUnitName commonName Thanks. Hon Luen ----- Original Message ----- From: "Marcus Carey" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, June 03, 2003 3:23 PM Subject: Re: Automating Openssl commands > Under the request section in the openssl.cnf file add the password > parameters. > > [req] > input_password = > output_password = > > Marcus > > ----- Original Message ----- > From: "Kwan Hon Luen" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, June 02, 2003 7:07 PM > Subject: Automating Openssl commands > > > > Hi , > > > > I am currently using Openssl to generate CA and server/client key certs. > > > > Right now, the Openssl prompt me for password when generating CA key/cert: > > > > openssl req -new -x509 -days 3650 -keyout cakey.pem -out > > trusted_ca_cert.pem -config openssl.cnf > > > > (1) Is there a way to use the password as a parameter so that I can create > > the CA key/cert with just one command, without any password prompting? > > > > The command below is for generating client/server key/cert. It prompt me > for > > password, the CN, etc. > > > > openssl req -new -keyout test_key.pem -out test_request.pem -config > > openssl.cnf > > > > (2) Is there a way to use the password, CN,etc as parameters so that I can > > create the CA key/cert with just one command, without any password, CN, > etc > > prompting? > > > > The command below is for certifying the client/server cert using the CA. > It > > prompt me to approve the certifying. > > > > openssl ca -policy policy_anything -out test_cert.pem -config > > openssl.cnf -infiles test_new.pem > > > > (3) Is there a way to use parameter such that the command will not prompt > me > > to confirm certifying the certificate? > > > > Thanks. > > > > Hon Luen > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.486 / Virus Database: 284 - Release Date: 5/30/2003 > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
