<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 12/22/2021 1:33 PM, Philip
Prindeville wrote:<br>
</div>
<blockquote type="cite"
cite="mid:ACEB306A-A6E4-49C7-A9EB-B29C10F26C13@redfish-solutions.com">Should
supporting openssl.cnf be part of the library API, or externally
handled in the command-line utility where it then passes in the
values extracted from that file?
</blockquote>
<br>
I don't know how openssl.cnf factors into CSR creation with existing
tools. The implementation that I did was entirely controlled by the
application and did not involve openssl.cnf.<br>
<br>
I don't have an opinion on whether there should be a convenient way
to draw values from openssl.cnf into a CSR. I would certainly start
with generating the CSR entirely from API calls, since that's the
more general case.<br>
<br>
<pre class="moz-signature" cols="72">--
Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris</pre>
</body>
</html>