Avoid password prompt for keys and prompts for DN information
Problem
I am using following code to generate keys: I have two questions: How can I skip the passphrase prompting? Would it be reasonably safe for me to do so? (as in it should not be downright foolish like anyone should be able to hack the certificate) How do I avoid the prompting for the country name, organization etc. I hope I can give them on command prompt (the man page shows only top level options for OpenSSL)
Error Output
apt-get -qq -y install openssl; mkdir -p /etc/apache2/ssl; openssl genrsa -des3 -out server.key 1024; openssl req -new -key server.key -out server.csr; cp server.key server.key.org; openssl rsa -in server.key.org -out server.key; openssl x509 -req -days 12000 -in server.csr -signkey server.key -out…
Unverified for your environment
Select your OS to check compatibility.
1 Fix
Fix for: Avoid password prompt for keys and prompts for DN information
Edit: This is by far my most popular answer, and it's been a few years on now so I've added an ECDSA variant. If you can use ECDSA you should. You can supply all of that information on the command line. One step self-signed password-less certificate generation: RSA Version ECDSA version All of the openssl subcommands have their own man page. See . Specifically addressing your questions and to be more explicit about exactly which options are in effect: The flag signals to not encrypt the key, th…
Awaiting Verification
Be the first to verify this fix
Sign in to verify this fix