>
> [EMAIL PROTECTED] wrote:
> >
> > Has anyone added a "-dn" flag to the req command? This would make it much
> > easier to write scripts that generate lots of requests. (Okay, maybe
> > not a lot easier, since I could set up a config file that pointed to the
> > environment, and then set env-vars, but that's a little roundabout...)
>
> The alternative if to write out a 'template' config file for each
> request, using the right options this will create a request without
> prompting for anything. There is an example of how to do this in the
> 'req' manual page.
>
And you can add environment variable names in that 'template', for
example:
extensions = x509v3
[ req ]
default_bits = 1024
distinguished_name = req_DN
[ req_DN ]
countryName = "Country Name"
countryName_value = $ENV::CERT_COUNTRY
localityName = "Locality Name"
localityName_value = $ENV::CERT_LOCALITY
organizationName = "Organisation"
organizationName_value = $ENV::CERT_ORG
commonName = "Common Name"
commonName_value = $ENV::CERT_CN
[ x509v3 ]
subjectAltName=$ENV::CERT_EMAIL
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
