Is it possible to pass in the subject's key from stdin when creating CSRs with OpenSSL?
Like in the following (non-working)
openssl req -new -key stdin -subj '/C=US/ST=NY/L=Somewhere/organizationName=MyOrg/OU=MyDept/CN=fqdn.of.my.host'
The
-key stdin
part is not working.
I want to use OpenSSL for CSR and certificate creating in a scripting environment, and both keys and subject information are coming from a database.
Answer
*nix commands usually use a dash to represent stdin or stdout in the context of file parameters, so -key -
is supposed to read the key from stdin. However, it seems that openssl
doesn't implement this. Luckily, in Linux pretty much everything is a file, including stdin which can be accessed as /dev/stdin
(which is actually a symlink to /proc/self/fd/0
), so the following works:
openssl req -new -key /dev/stdin
No comments:
Post a Comment