On Wed, May 14, 2014 at 10:00:30PM +0200, Nikos Mavrogiannopoulos wrote: > On Wed, 2014-05-14 at 18:47 +0200, Josef Wolf wrote: > > Note that --generate-self-signed don't ask for the password. > > If you use a template certtool enters non-interactive mode (batch mode). > Then you can only specify the password in the template or use --ask-pass > (in the latest versions).
Oh, I see. Is there any other way to non-interactively pass the password? Passing via --password makes it visible to the ps command. Passing via file makes it readable in the case of crashes, when the removal of the file might fail. I tried the usual unix convention to pass the template on stdin by giving '-', but certtool tries to open a file named '-' then. I know, I can play tricks like deleting the file before writing to it and pass /proc/xxx/fd/yy as filename to certtool. But that would be highly unportable. -- Josef Wolf [email protected] _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
