I'm writing a shell-script to sign certificates using openssl:
openssl ca -config "$CONF" -out "$BOXCERT" -infiles "$CSRFILE"
However, when running it, openssl always asks whether I want to sign the certificate:
Certificate is to be certified until Mar 19 11:50:33 2023 GMT (3653 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated
I would like the script to run non-interactively in a server. Is there some command-line parameter or configuration file option to tell OpenSSL to sign the certificate and commit it without prompting?
You can use the -batch
option of openssl.
eg:
openssl ca -batch -config "$CONF" -out "$BOXCERT" -infiles "$CSRFILE"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With