On 08/18/2017 01:16 PM, Dr. Stephen Henson wrote:
On Thu, Aug 17, 2017, Robert Moskowitz wrote:In the [ ca ] section I have: prompt = no If I leave the = out I get an error, so I am assuming I got the format of this right. Then I have [ req ] distinguished_name = req_distinguished_name [ req_distinguished_name ] countryName = $ENV::countryName stateOrProvinceName = $ENV::stateOrProvinceName In a terminal window I run: export countryName=US export stateOrProvinceName=MI then openssl req -config openssl-root.cnf -key private/ca.key.pem \ -new -x509 -days 7300 -sha256 -extensions v3_ca -out certs/ca.cert.pem And I am still getting prompted for the DN fields: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- US []: What did I miss?Since this is the req command try "prompt = no" in the req section.
Thank you, but I did get past this point. I got prompt no working and the way it worked, just did not work well enough.
I threw the towel in on ENV and did get -subj $DN working... thanks Bob -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
