This is a common question that comes up in
##openssl
with regards to handling
openssl req
, and here is a strategy to make values in the configuration parameters:
openssl genrsa -out ca.key 2048
config_file=some_file
cn="example.com"
echo "
[ req ]
prompt = no
distinguished_name = req_distinguished_name
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AB
ST = CD
L = EF
O = G
OU = HI
CN = $cn
[ v3_ca ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
basicConstraints = CA:true
" > $config_file
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt -config $config_file
No comments:
Post a Comment