If you need to generate a CSR, OpenSSL has a helpful prompt interface for completing the required fields one at a time. However, if you are using automation, collecting STDIN is not always an option.
While working with Ansible, I learned that OpenSSL CSR generation allows you to pass the appropriate details using the
-subj parameter like in this example:
# C: Country Code # ST: State (Region) # L: Locality (City) # O: Organization # OU: Organizational Unit # CN: Common Name openssl req \ -subj "/C=US/ST=Ohio/L=Columbus/O=Acme Company/OU=Acme/CN=example.com" \ -newkey rsa:2048 -nodes \ -keyout example_com.key \ -out example_com.csr
Now you can continue uninterrupted without needing to manually enter details anytime you generate a CSR.