> From: owner-openssl-us...@openssl.org On Behalf Of Martin Schneider > Sent: Thursday, 24 September, 2009 04:58
> I'm using CA.pl from an application to automatically sign > certificate requests. The problem is, that when the CSR is (Aside: you're not signing the CSR. The CSR is already signed by the requestor, or to be exact the requestor's keypair. You're creating and signing a *certificate* FROM the CSR.) > signed some user interaction is still needed what I do not > want of cause. OpenSSL asks > > Certificate is to be certified until Sep 24 08:38:55 2010 GMT > (365 days) Sign the certificate? [y/n]:y > > and later > > 1 out of 1 certificate requests certified, commit? [y/n] > > Is there a way how I can get rid of this two needed inputs? > With the commandline 'ca' it's easy: man ca; -batch. With CA.pl, you could edit the script to change this; but since all it's doing is invoking the commandline, you could as easily just invoke the commandline. But 'ca' by default, and thus it appears to me CA.pl always, also prompt for the CA key passphrase (unless insecurely clear), and you're not complaining about that. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
