问题
How can you generate a CSR without requiring user input, such as to generate CSRs from within an application?
回答1:
Pass the subject via the "-subj" argument:
openssl req -new -key <private key file> -out <CSR output file> -subj "/C=<Country Name>/ST=<State>/L=<Locality Name>/O=<Organization Name>/CN=<Common Name>"
Note that if you want to have OpenSSL build the subject string for you, you can create the CSR as you normally would, and then execute the command to self-sign it. A perfectly formatted subject line will be echoed-out at the top ("subject="):
openssl x509 -req -days 365 -in server.csr -signkey server.pem
Loading 'screen' into random state - done
Signature ok
subject=/C=US/ST=Florida/L=Miami/O=Test Group/CN=testgroup.server5
Getting Private key
...
来源:https://stackoverflow.com/questions/16842768/passing-csr-distinguished-name-fields-as-parameters-to-openssl