Carolyn Malloy wrote: > > Greetings All, > > I am very new to openssl and am having some difficulty finding the > information on generating a certificate request. What I really want > to do is obtain the distinguished name information via a web page then > pass that information into the openssl call (specifically I want to do > openssl req -in file -nodes -keyout key.pem -out out.pem where file is > the information submitted by the user via the web page). However, in > order to use the "-in" qualifier I believe the input file has to be in > PEM format (or that is what I believe I have gathered from the > openssl.org site). Is this the case? If so, how do I convert the > file from ascii to PEM. Also, should there be field names associated > with the data from the disntinguised name (ie key value pair) ? If so, > what exactly should these be? If this is documented someplace, PLEASE > point me in the direction of the documentation. >
What you actually need to do is to construct a template configuration file with the necessary field values in it and pass that on the command line using the -config option. See the EXAMPLES section of the req(1) manual page in doc/apps/req.pod or at: http://www.openssl.org/docs/apps/req.html#EXAMPLES Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
