
How to automate PEM pass phrase when generating OpenSSL cert?


I need to automate the generation of self-signed SSL certificates for testing purposes for a project. I am generating a certificate and key using the following OpenSSL command:

> openssl req -x509 -newkey rsa:2048 -keyout myserver.key -out myserver.crt -subj "/C=US/ST=California/L=San Diego/O=Development/OU=Dev/CN=example.com"

During generation you are prompted to create a PEM pass phrase:

Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:

How can I automate this? I have tried the -passin argument like this:

openssl ...... -passin pass:foobar .....

also

openssl ...... -passin file:secretfile.txt .....

But in both cases it still asks me to create a PEM pass phrase. From what I read I think that passin is only adding a password to the key file...

Is it possible to automate this somehow?


Solution

  • The process creates a password protected key file. It thus needs a password which gets used to store this output file. But the -passin argument you use is for reading an input file. From the documentation:

    -passin arg - the input file password source

    Instead you need the proper option to specify the output password, i.e.

    -passout arg - the output file password source
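
The following is an added example, not part of the original answer: it runs the question's command non-interactively with `-passout`, checks that the key was written encrypted, and reads it back with `-passin`. The function names, the 30-day validity and the randomly generated pass phrase are assumptions; `file:` is used instead of `pass:` so the secret does not appear in the process list.

```shell
#!/usr/bin/env bash
# Added example: non-interactive generation of an encrypted key + self-signed cert.
# Function names are hypothetical; file names follow the question's command.
set -eu

gen_test_cert() {
    # $1 = output directory (assumed to exist)
    dir=$1
    passfile="$dir/secretfile.txt"

    # Create the pass phrase file with owner-only permissions before writing to it.
    ( umask 077; openssl rand -hex 24 > "$passfile" )

    # -passout supplies the password used to encrypt the *output* key.
    # file: keeps the secret out of argv, unlike pass:foobar.
    openssl req -x509 -newkey rsa:2048 -days 30 \
        -keyout "$dir/myserver.key" -out "$dir/myserver.crt" \
        -passout "file:$passfile" \
        -subj "/C=US/ST=California/L=San Diego/O=Development/OU=Dev/CN=example.com" \
        2>/dev/null
}

key_is_encrypted() {
    # $1 = key file. Encrypted PKCS#8 and traditional PEM keys are both
    # identifiable from their header lines.
    grep -Eq 'BEGIN ENCRYPTED PRIVATE KEY|Proc-Type: 4,ENCRYPTED' "$1"
}

key_matches_cert() {
    # $1 = key, $2 = cert, $3 = pass phrase file.
    # -passin is the counterpart option for *reading* the encrypted key.
    k=$(openssl pkey -in "$1" -passin "file:$3" -pubout | openssl sha256)
    c=$(openssl x509 -in "$2" -noout -pubkey | openssl sha256)
    [ "$k" = "$c" ]
}

# Usage (e.g. in a test setup script):
#   out=$(mktemp -d) && gen_test_cert "$out" && key_is_encrypted "$out/myserver.key"
```

`-passout env:VARNAME` works the same way when the pass phrase comes from a CI secret variable rather than a file.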