> From: owner-openssl-users On Behalf Of Anders Larsson
> Sent: Tuesday, December 03, 2013 17:20
> Im trying to use subjectAltName when im generating a csr on the
> commandline.
>
> I been trying with the "-reqexts" flag, but im only getting errors
> 'Openssl req -new -key debug.key -passin p
You could use a different config file and reference it on the command line.
Reqexts is used to reference a section in a config file.
Ryan Hurst
Sent from my phone, please forgive the brevity.
> On Dec 3, 2013, at 5:19 PM, Anders Larsson wrote:
>
> Hmm somehow the e-mail got cut after 1'st lin
Well I provided a windows example of the same approach but it's not purely from
the command line.
Ryan Hurst
Sent from my phone, please forgive the brevity.
> On Dec 3, 2013, at 5:20 PM, Viktor Dukhovni
> wrote:
>
>> On Tue, Dec 03, 2013 at 12:29:09PM -0800, Ryan Hurst wrote:
>>
>> Cant be
On Tue, Dec 03, 2013 at 12:29:09PM -0800, Ryan Hurst wrote:
> Cant be done, though most CAs dont use this information from the request.
It can be done in a sense on systems with shells (e.g. bash) that
support command-line ephemeral file-handles.
$ openssl req -new -config <(
cat
Hmm somehow the e-mail got cut after 1'st line? :-(
Thanks Ryan for the echo suggestion, but it will just end up in an config file.
Also since im running the CA internally it will use the information.
If there is a -reqexts flag? What use is it if it cannot add extensions?
Especially since a subj
Cant be done, though most CAs dont use this information from the request.
Can do something like this:
rem 8. CN, O, OU1, OU2, E, city and all SAN types /w SHA1 & 2048
echo [ req ]>test8.cnf
echo default_bits = 2048>>test8.cnf
echo prompt = no>>test8.cnf
echo encrypt_key = no>>test8.cnf
echo defau
