本文介绍了OpenSSL 未签名证书静默的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

遇到了这个问题——还有其他一些相关的帖子,但没有那么具体.我正在尝试为开发机器默默地生成证书.这些是我最初运行的命令,但被要求输入密码:

Having trouble with this -- a couple of other related posts out there, but nothing so specific. I'm trying to silently generate certs for a dev machine. These are the commands I originally ran, but was asked for a passphrase:

openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt

下面的第一个命令有效,但第二个命令不太有效.我看到了 passin 选项,但遇到了问题,因为我仍然被要求输入密码.

The first command below works, but the second doesn't quite work. I see the passin option, but am having trouble, as I'm still getting asked for a passphrase.

openssl genrsa -des3 -passout pass:$passphrase -out server.key 1024
openssl req -passout pass:$passphrase -new -key server.key -out server.csr
openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt

推荐答案

$ openssl genrsa -out server.key 1024
$ touch openssl.cnf
$ cat >> openssl.cnf <<EOF
[ req ]
prompt = no
distinguished_name = req_distinguished_name

[ req_distinguished_name ]
C = GB
ST = Test State
L = Test Locality
O = Org Name
OU = Org Unit Name
CN = Common Name
emailAddress = [email protected]
EOF
$ openssl req -config openssl.cnf -new -key server.key -out server.csr
$ openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt

这篇关于OpenSSL 未签名证书静默的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-01 09:10