[openssl-users] input_password setting in openssl.cnf ignored
Klaus Klein
k.klein at gmx.de
Thu Aug 13 22:08:40 UTC 2015
Hi all,
I just starting to play around with OpenSSL and want to create a private CA.
If I put all of the required information into the openssl.cnf and request a certificate with the following command
openssl req \
-config ./openssl.cnf \
-newkey rsa \
-subj /CN=CA.klein.homenet \
-out requests/ca.req.pem \
-keyout private/ca.key.pem
the key and request files are created.
If I then sign the request with the following command
openssl ca \
-selfsign \
-config ./openssl.cnf \
-create_serial \
-in requests/ca.req.pem \
-keyfile private/ca.key.pem \
-extensions v3_ca \
-out certs/ca.cert.pem
I'm prompted for the pass phrase of the key file, despite that the input_password is set within the openssl.cnf
Is this a bug or behavior by design?
Cheers,
Klaus
More information about the openssl-users
mailing list