Openssl 要求输入密码和通用名称,但我想将它们作为参数发送

Openssl 要求输入密码和通用名称,但我想将它们作为参数发送

我正在使用以下命令创建证书:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -config localhost.conf

使用这个配置:

[req]
default_bits       = 2048
default_keyfile    = localhost.key
distinguished_name = req_distinguished_name
req_extensions     = req_ext
x509_extensions    = v3_ca

[req_distinguished_name]
commonName                  = Common Name (e.g. server FQDN or YOUR name)
commonName_default          = localhost
commonName_max              = 64

[req_ext]
subjectAltName = @alt_names

[v3_ca]
subjectAltName = @alt_names
basicConstraints = critical, CA:false
keyUsage = keyCertSign, cRLSign, digitalSignature,keyEncipherment

[alt_names]
DNS.1   = localhost

但是命令要求输入Common namepassword,我怎样才能将它们作为参数发送给openssl。我尝试了其他解决方案,但都没有奏效。

答案1

您可以-subj在命令行上使用来传递证书的主题。

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -config localhost.conf -subj "/O=My Org/OU=My Dept/CN=My Service"

相关内容