I copied /System/Library/OpenSSL/openssl.cnf to my home folder so I could set default values for certificate creation. How do I set up OpenSSL to use my config file instead of the regular one? I could add a statement to my ~/.bashrc file. I've done web searches and searched the openssl.org website but could not find the answer. One post on Stack Overflow mentioned a parameter -config but was not referenced in a command.
Asked
Active
Viewed 2.8k times
9
Pamela Cook - LightBe Corp
- 213
- 1
- 2
- 8
1 Answers
11
It would depend on what commands you're running.
If you run req or ca they would support a -config parameter. Which would also be visible if you run openssl req -? or openssl ca -?.
If you want to make it the actual default without exclusively specifying it you should check Correct location of openssl.cnf file.
From the above link for the options of the req command:
-config filename
this allows an alternative configuration file to be specified, this overrides the compile time filename or any specified in the OPENSSL_CONF environment variable.
-
I'm running req and using the installed Apple version of OpenSSL. So I would have to use -config myfilenameincludingfullpath in my req command? The link you provide does not include that info. – Pamela Cook - LightBe Corp Apr 10 '17 at 12:23
-
It does and it includes even more info, see the edit I'm about to make. But yes, that would be what you need to do. – Seth Apr 10 '17 at 12:29
-
Okay thanks. I did not see that req was a link in your comment. – Pamela Cook - LightBe Corp Apr 10 '17 at 12:30
-
2Adding -config to my statement worked! – Pamela Cook - LightBe Corp Apr 10 '17 at 12:52