> From: owner-openssl-users On Behalf Of Anders Larsson
> Sent: Tuesday, December 03, 2013 17:20
> Im trying to use subjectAltName when im generating a csr on the
> commandline.
>
> I been trying with the "-reqexts" flag, but im only getting errors
> 'Openssl req -new -key debug.key -passin p
You could use a different config file and reference it on the command line.
Reqexts is used to reference a section in a config file.
Ryan Hurst
Sent from my phone, please forgive the brevity.
> On Dec 3, 2013, at 5:19 PM, Anders Larsson wrote:
>
> Hmm somehow the e-mail got cut after 1'st lin
Well I provided a windows example of the same approach but it's not purely from
the command line.
Ryan Hurst
Sent from my phone, please forgive the brevity.
> On Dec 3, 2013, at 5:20 PM, Viktor Dukhovni
> wrote:
>
>> On Tue, Dec 03, 2013 at 12:29:09PM -0800, Ryan Hurst wrote:
>>
>> Cant be
On Tue, Dec 03, 2013 at 12:29:09PM -0800, Ryan Hurst wrote:
> Cant be done, though most CAs dont use this information from the request.
It can be done in a sense on systems with shells (e.g. bash) that
support command-line ephemeral file-handles.
$ openssl req -new -config <(
cat
Hmm somehow the e-mail got cut after 1'st line? :-(
Thanks Ryan for the echo suggestion, but it will just end up in an config file.
Also since im running the CA internally it will use the information.
If there is a -reqexts flag? What use is it if it cannot add extensions?
Especially since a subj
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Tuesday, December 03, 2013 12:35
> "Almost. If the actual value is not OCTET STRING, change the type created
> in the first two (or whatever) lines, and i2d'ed in the fourth line.
> And OPENSSL_free the pointer allocated here (d) after you're
Cant be done, though most CAs dont use this information from the request.
Can do something like this:
rem 8. CN, O, OU1, OU2, E, city and all SAN types /w SHA1 & 2048
echo [ req ]>test8.cnf
echo default_bits = 2048>>test8.cnf
echo prompt = no>>test8.cnf
echo encrypt_key = no>>test8.cnf
echo defau
Hello.
Im trying to use subjectAltName when im generating a csr on the
commandline__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Au
"Almost. If the actual value is not OCTET STRING, change the type created
in the first two (or whatever) lines, and i2d'ed in the fourth line.
And OPENSSL_free the pointer allocated here (d) after you're
done with that memory. "
I need to add an INTEGER extensions and PRINTABLESTRING extension.
