Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Sign certificate without prompt in shell-script

I'm writing a shell-script to sign certificates using openssl:

openssl ca -config "$CONF" -out "$BOXCERT" -infiles "$CSRFILE" 

However, when running it, openssl always asks whether I want to sign the certificate:

Certificate is to be certified until Mar 19 11:50:33 2023 GMT (3653 days) Sign the certificate? [y/n]:y  1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated 

I would like the script to run non-interactively in a server. Is there some command-line parameter or configuration file option to tell OpenSSL to sign the certificate and commit it without prompting?

like image 318
Víctor Fernández Avatar asked Mar 18 '13 12:03

Víctor Fernández


1 Answers

You can use the -batch option of openssl.

eg:

 openssl ca -batch -config "$CONF" -out "$BOXCERT" -infiles "$CSRFILE"  
like image 119
dwalter Avatar answered Oct 07 '22 10:10

dwalter