-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I don't see an 'ssl' command on my system -- is this a shell script or an
alias? If you have a script 'ssl' calling 'openssl' then you're going to
have to deal with layers of quoting.
For example, if 'ssl' is a script, then upon entering the command 'ssl
req -subj "/C=US/ST=NY/L=New York"' it should receive arguments:
0: ssl
1: req
2: -subj
3: /C=US/ST=NY/L=New York
which is fine so far. But if for example 'ssl' contains something like:
openssl $@
then the command will be expanded to:
openssl req -subj /C=US/ST=NY/L=New York
and 'openssl' will receive arguments:
0: openssl
1: req
2: -subj
3: /C=US/ST=NY/L=New
4: York
which doesn't appear to be what you wanted. This much can be patched up
by replacing '$@' with '"$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8" "$9"'
(resupplying any quoting that may have been stripped). Further nested
layers of interpretation by the shell would have to be treated similarly.
Escaping double-quoted string contents with backslash won't make a
difference, because the escape will be consumed in the initial argument
processing before 'ssl' gets control. Single quotes can preserve it
through one round of expansion but not more.
If 'ssl' is not a script or an alias, then we (or at least I) don't know
what it is and cannot advise without more information about it.
I just tried the command:
openssl req -subj "/C=US/ST=NY/L=New York" -new > ny.req
on OpenSSL 0.9.8 under the shell Bash 3.00.0(1)-release and it works just
fine:
mhw:~$ openssl req -text -noout < ny.req
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=US, ST=NY, L=New York
etc.
- --
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
iD8DBQFE5db7s/NR4JuTKG8RAgXPAJwPrjQm9mI99D/4agwrgX09KjLSUACffvVx
hKVXqtThDzDkQfHNMZ2isHw=
=QZtN
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]