diff options
| author | Bodo Möller <bodo@openssl.org> | 2001-01-11 13:23:19 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2001-01-11 13:23:19 +0000 |
| commit | d199858e89e75805d47bdc32ddcdf9df389757f9 (patch) | |
| tree | 267daad5b501e810a0f273a191dd4f95d85bf1ac | |
| parent | 10a2975a278af3f3eb4eb8b20c8c2d53795a18a3 (diff) | |
New -newreq-nodes option to CA.pl.
Submitted by: Damien Miller <djm@mindrot.org>
| -rw-r--r-- | CHANGES | 5 | ||||
| -rw-r--r-- | apps/CA.pl.in | 11 | ||||
| -rw-r--r-- | doc/apps/CA.pl.pod | 5 |
3 files changed, 18 insertions, 3 deletions
@@ -3,6 +3,11 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + *) New '-newreq-nodes' command option to CA.pl. This is like + '-newreq', but calls 'openssl req' with the '-nodes' option + so that the resulting key is not encrypted. + [Damien Miller <djm@mindrot.org>] + *) New configuration for the GNU Hurd. [Jonathan Bartlett <johnnyb@wolfram.com> via Richard Levitte] diff --git a/apps/CA.pl.in b/apps/CA.pl.in index f1ac7e7726..8b2ce7ea42 100644 --- a/apps/CA.pl.in +++ b/apps/CA.pl.in @@ -5,7 +5,7 @@ # things easier between now and when Eric is convinced to fix it :-) # # CA -newca ... will setup the right stuff -# CA -newreq ... will generate a certificate request +# CA -newreq[-nodes] ... will generate a certificate request # CA -sign ... will sign the generated request and output # # At the end of that grab newreq.pem and newcert.pem (one has the key @@ -54,7 +54,7 @@ $RET = 0; foreach (@ARGV) { if ( /^(-\?|-h|-help)$/ ) { - print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n"; + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; exit 0; } elsif (/^-newcert$/) { # create a certificate @@ -66,6 +66,11 @@ foreach (@ARGV) { system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS"); $RET=$?; print "Request (and private key) is in newreq.pem\n"; + } elsif (/^-newreq-nodes$/) { + # create a certificate request + system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS"); + $RET=$?; + print "Request (and private key) is in newreq.pem\n"; } elsif (/^-newca$/) { # if explicitly asked for or it doesn't exist then setup the # directory structure that Eric likes to manage things @@ -143,7 +148,7 @@ foreach (@ARGV) { } } else { print STDERR "Unknown arg $_\n"; - print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n"; + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; exit 1; } } diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod index 63cd1320cc..58e0f52001 100644 --- a/doc/apps/CA.pl.pod +++ b/doc/apps/CA.pl.pod @@ -13,6 +13,7 @@ B<CA.pl> [B<-help>] [B<-newcert>] [B<-newreq>] +[B<-newreq-nodes>] [B<-newca>] [B<-xsign>] [B<-sign>] @@ -46,6 +47,10 @@ written to the file "newreq.pem". creates a new certificate request. The private key and request are written to the file "newreq.pem". +=item B<-newreq-nowdes> + +is like B<-newreq> except that the private key will not be encrypted. + =item B<-newca> creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert> |