[openssl-users] 802.1AR certificate generation and the config file
Robert Moskowitz
rgm at htt-consult.com
Fri Aug 11 18:55:01 UTC 2017
On 08/11/2017 02:47 PM, Dr. Stephen Henson wrote:
> On Fri, Aug 11, 2017, Robert Moskowitz wrote:
>
>> I would want the 'openssl req' command to prompt for hwType and
>> hsSerialNum. At least for now.
>>
> Note that you can't get the 'openssl req' command prompt for this but you can
> generate the extension in an appropriate syntax: see my other message for
> details.
>
> You could prompt externally and pass the values as environment variables to
> openssl req of constuct the whole config file on the fly.
Sigh.
Making some headway. Figured out you cannot have an alternative [ req ]
section in the config; no way to specify it. Thus a completely separate
config_8021AR to specify a different distinguishedname set of fields.
Got that, now to get started on SAN. Will read your previous message.
thanks
More information about the openssl-users
mailing list