So we must make this as an input argument to the script or handle this internally. In such case all the above fields can be same for all the servers but commonName must be unique for all the servers. Now assuming you plan to generate self-signed certificate for 100s of servers. So we will pre-define these fields in our configuration file which will be provided as an input to the openssl command while generating the CSR file. Normally we get a prompt for the following question: We can prepare a configuration file which we can use to auto-populate the CSR generation process. So we basically want to automate this part in our script. Now in these steps, manual intervention is required for generating CSR. So we will cover following two scenarios to generate certificate without any prompt using shell script:ĪLSO READ: OpenSSL: Generate ECC certificate & verify on Apache server But when we plan to automate this process then we cannot expect user to provide these prompts every time we need a certificate. Normally in the process of generating certificates, there are a number of prompts, especially while generating Certificate Signing Request. The idea is to have a procedure to generate certificates without any additional prompt. In this tutorial we will write a shell script to generate certificates using openssl command.
0 Comments
Leave a Reply. |