I'm setting up a development VDI, and need to automate creations of some certificates for accessing https://{foo}.local (127.0.0.1) websites duing dev and testing.
I'm only allowed to use OpenSSL and powershell and it must be unnattended, need to run this to automate setting up a developer VDI, so cannot have any user prompts.
I found lots of code with the following type of example but cant find a way to pass in the passphrase to use;
this is what I have so far…
openssl
req -x509 -newkey rsa:4096 -keyout
openssl.key -out openssl.crt -subj /CN=website.name
-days 300
this would then be followed by creating the actual certificate
openssl pck12 -export .... etc
As mentioned, I need to be able to provide a passphrase so that the above runs without any user intervention. The above code runs as expected, just …kicks up the prompt for passphrase.
i've tried various -passin {xyz}
even -password pass:mysecret
et al settings, to no avail.
Any ideas?
Txs,
A
Best Answer
Add the parameter
-nodes
to your openssl command.This will skip the encryption of the private key. You will not be prompted for a passphrase.