is it possible making openssl skipping the country/common name prompts?

Question

Is there a way to make openssl skiping the prompts such as

Country Name (2 letter code) [US]: Organization Name (eg, company) [My Company Name LTD.]: Common Name (eg, YOUR name) [something]: 

While creating certificates with

openssl req -config openssl.cnf -new -x509 ... 

given the fact those parameters are provided in the openssl.cnf file

e.g.

countryName         = Country Name (2 letter code) countryName_default     = US countryName_min     = 2 countryName_max     = 2 0.organizationName      = Organization Name (eg, company) 0.organizationName_default  = My Company Name LTD. commonName          = Common Name (eg, YOUR name) commonName_max      = 64 commonName_default      = ${ENV::CN} 

Answer 1

thanks to @indiv

according to this guide -subj is the way to go, e.g.

-subj '/CN=www.mydom.com/O=My Company Name LTD./C=US' 

Answer 2

Another solution consists of using the prompt = no directive in your config file.
See OpenSsl: Configuration file format

prompt

if set to the value no this disables prompting of certificate fields and just takes values from the config file directly. It also changes the expected format of the distinguished_name and attributes sections.

There are two separate formats for the distinguished name and attribute sections.

If the prompt option is set to no then these sections just consist of field names and values: for example,

 CN = My Name  OU = My Organization  emailAddress = [email protected] 

This allows external programs (e.g. GUI based) to generate a template file with all the field names and values and just pass it to req.

Alternatively if the prompt option is absent or not set to no then the file contains field prompting information. It consists of lines of the form:

 fieldName="prompt"  fieldName_default="default field value"  fieldName_min= 2  fieldName_max= 4