I'm developing a CA which automates this stuff that you need, maybe it could help you (http://cultura.eii.us.es/~pablo/elyca/), it's free software and still an early release but if you only need to do generate certs for your servers I suppose it's enough for you. There's also similar free-software outthere (have a look at freshmeat).
Pablo
Kwan Hon Luen wrote:
Hi ,
I am currently using Openssl to generate CA and server/client key certs.
Right now, the Openssl prompt me for password when generating CA key/cert:
openssl req -new -x509 -days 3650 -keyout cakey.pem -out trusted_ca_cert.pem -config openssl.cnf
(1) Is there a way to use the password as a parameter so that I can create the CA key/cert with just one command, without any password prompting?
The command below is for generating client/server key/cert. It prompt me for password, the CN, etc.
openssl req -new -keyout test_key.pem -out test_request.pem -config openssl.cnf
(2) Is there a way to use the password, CN,etc as parameters so that I can create the CA key/cert with just one command, without any password, CN, etc prompting?
The command below is for certifying the client/server cert using the CA. It prompt me to approve the certifying.
openssl ca -policy policy_anything -out test_cert.pem -config openssl.cnf -infiles test_new.pem
(3) Is there a way to use parameter such that the command will not prompt me to confirm certifying the certificate?
Thanks.
Hon Luen
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]