mirror of
https://github.com/openssl/openssl.git
synced 2024-11-25 02:53:30 +08:00
New -newreq-nodes option to CA.pl.
Submitted by: Damien Miller <djm@mindrot.org>
This commit is contained in:
parent
10a2975a27
commit
d199858e89
5
CHANGES
5
CHANGES
@ -3,6 +3,11 @@
|
||||
|
||||
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
|
||||
|
||||
*) New '-newreq-nodes' command option to CA.pl. This is like
|
||||
'-newreq', but calls 'openssl req' with the '-nodes' option
|
||||
so that the resulting key is not encrypted.
|
||||
[Damien Miller <djm@mindrot.org>]
|
||||
|
||||
*) New configuration for the GNU Hurd.
|
||||
[Jonathan Bartlett <johnnyb@wolfram.com> via Richard Levitte]
|
||||
|
||||
|
@ -5,7 +5,7 @@
|
||||
# things easier between now and when Eric is convinced to fix it :-)
|
||||
#
|
||||
# CA -newca ... will setup the right stuff
|
||||
# CA -newreq ... will generate a certificate request
|
||||
# CA -newreq[-nodes] ... will generate a certificate request
|
||||
# CA -sign ... will sign the generated request and output
|
||||
#
|
||||
# At the end of that grab newreq.pem and newcert.pem (one has the key
|
||||
@ -54,7 +54,7 @@ $RET = 0;
|
||||
|
||||
foreach (@ARGV) {
|
||||
if ( /^(-\?|-h|-help)$/ ) {
|
||||
print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
|
||||
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
|
||||
exit 0;
|
||||
} elsif (/^-newcert$/) {
|
||||
# create a certificate
|
||||
@ -66,6 +66,11 @@ foreach (@ARGV) {
|
||||
system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
|
||||
$RET=$?;
|
||||
print "Request (and private key) is in newreq.pem\n";
|
||||
} elsif (/^-newreq-nodes$/) {
|
||||
# create a certificate request
|
||||
system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
|
||||
$RET=$?;
|
||||
print "Request (and private key) is in newreq.pem\n";
|
||||
} elsif (/^-newca$/) {
|
||||
# if explicitly asked for or it doesn't exist then setup the
|
||||
# directory structure that Eric likes to manage things
|
||||
@ -143,7 +148,7 @@ foreach (@ARGV) {
|
||||
}
|
||||
} else {
|
||||
print STDERR "Unknown arg $_\n";
|
||||
print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
|
||||
print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
|
||||
exit 1;
|
||||
}
|
||||
}
|
||||
|
@ -13,6 +13,7 @@ B<CA.pl>
|
||||
[B<-help>]
|
||||
[B<-newcert>]
|
||||
[B<-newreq>]
|
||||
[B<-newreq-nodes>]
|
||||
[B<-newca>]
|
||||
[B<-xsign>]
|
||||
[B<-sign>]
|
||||
@ -46,6 +47,10 @@ written to the file "newreq.pem".
|
||||
creates a new certificate request. The private key and request are
|
||||
written to the file "newreq.pem".
|
||||
|
||||
=item B<-newreq-nowdes>
|
||||
|
||||
is like B<-newreq> except that the private key will not be encrypted.
|
||||
|
||||
=item B<-newca>
|
||||
|
||||
creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert>
|
||||
|
Loading…
Reference in New Issue
Block a user