1=pod 2{- OpenSSL::safe::output_do_not_edit_headers(); -} 3 4=head1 NAME 5 6openssl-req - PKCS#10 certificate request and certificate generating command 7 8=head1 SYNOPSIS 9 10B<openssl> B<req> 11[B<-help>] 12[B<-inform> B<DER>|B<PEM>] 13[B<-outform> B<DER>|B<PEM>] 14[B<-in> I<filename>] 15[B<-passin> I<arg>] 16[B<-out> I<filename>] 17[B<-passout> I<arg>] 18[B<-text>] 19[B<-pubkey>] 20[B<-noout>] 21[B<-verify>] 22[B<-modulus>] 23[B<-new>] 24[B<-newkey> I<arg>] 25[B<-pkeyopt> I<opt>:I<value>] 26[B<-noenc>] 27[B<-nodes>] 28[B<-key> I<filename>|I<uri>] 29[B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>] 30[B<-keyout> I<filename>] 31[B<-keygen_engine> I<id>] 32[B<-I<digest>>] 33[B<-config> I<filename>] 34[B<-section> I<name>] 35[B<-x509>] 36[B<-x509v1>] 37[B<-CA> I<filename>|I<uri>] 38[B<-CAkey> I<filename>|I<uri>] 39[B<-not_before> I<date>] 40[B<-not_after> I<date>] 41[B<-days> I<n>] 42[B<-set_serial> I<n>] 43[B<-newhdr>] 44[B<-copy_extensions> I<arg>] 45[B<-extensions> I<section>] 46[B<-reqexts> I<section>] 47[B<-addext> I<ext>] 48[B<-precert>] 49[B<-utf8>] 50[B<-reqopt>] 51[B<-subject>] 52[B<-subj> I<arg>] 53[B<-multivalue-rdn>] 54[B<-sigopt> I<nm>:I<v>] 55[B<-vfyopt> I<nm>:I<v>] 56[B<-batch>] 57[B<-verbose>] 58[B<-quiet>] 59{- $OpenSSL::safe::opt_name_synopsis -} 60{- $OpenSSL::safe::opt_r_synopsis -} 61{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -} 62 63=head1 DESCRIPTION 64 65This command primarily creates and processes certificate requests (CSRs) 66in PKCS#10 format. It can additionally create self-signed certificates 67for use as root CAs for example. 68 69=head1 OPTIONS 70 71=over 4 72 73=item B<-help> 74 75Print out a usage message. 76 77=item B<-inform> B<DER>|B<PEM> 78 79The CSR input file format to use; by default PEM is tried first. 80See L<openssl-format-options(1)> for details. 81 82=item B<-outform> B<DER>|B<PEM> 83 84The output format; unspecified by default. 85See L<openssl-format-options(1)> for details. 86 87The data is a PKCS#10 object. 88 89=item B<-in> I<filename> 90 91This specifies the input filename to read a request from. 92This defaults to standard input unless B<-x509> or B<-CA> is specified. 93A request is only read if the creation options 94(B<-new> or B<-newkey> or B<-precert>) are not specified. 95 96=item B<-sigopt> I<nm>:I<v> 97 98Pass options to the signature algorithm during sign operations. 99Names and values of these options are algorithm-specific. 100 101=item B<-vfyopt> I<nm>:I<v> 102 103Pass options to the signature algorithm during verify operations. 104Names and values of these options are algorithm-specific. 105 106=begin comment 107 108Maybe it would be preferable to only have -opts instead of -sigopt and 109-vfyopt? They are both present here to be compatible with L<openssl-ca(1)>, 110which supports both options for good reasons. 111 112=end comment 113 114=item B<-passin> I<arg> 115 116The password source for private key and certificate input. 117For more information about the format of B<arg> 118see L<openssl-passphrase-options(1)>. 119 120=item B<-passout> I<arg> 121 122The password source for the output file. 123For more information about the format of B<arg> 124see L<openssl-passphrase-options(1)>. 125 126=item B<-out> I<filename> 127 128This specifies the output filename to write to or standard output by default. 129 130=item B<-text> 131 132Prints out the certificate request in text form. 133 134=item B<-subject> 135 136Prints out the certificate request subject 137(or certificate subject if B<-x509> is in use). 138 139=item B<-pubkey> 140 141Prints out the public key. 142 143=item B<-noout> 144 145This option prevents output of the encoded version of the certificate request. 146 147=item B<-modulus> 148 149Prints out the value of the modulus of the public key contained in the request. 150 151=item B<-verify> 152 153Verifies the self-signature on the request. If the verification fails, 154the program will immediately exit, i.e. further option processing 155(e.g. B<-text>) is skipped. 156 157=item B<-new> 158 159This option generates a new certificate request. It will prompt 160the user for the relevant field values. The actual fields 161prompted for and their maximum and minimum sizes are specified 162in the configuration file and any requested extensions. 163 164If the B<-key> option is not given it will generate a new private key 165using information specified in the configuration file or given with 166the B<-newkey> and B<-pkeyopt> options, 167else by default an RSA key with 2048 bits length. 168 169=item B<-newkey> I<arg> 170 171This option is used to generate a new private key unless B<-key> is given. 172It is subsequently used as if it was given using the B<-key> option. 173 174This option implies the B<-new> flag to create a new certificate request 175or a new certificate in case B<-x509> is used. 176 177The argument takes one of several forms. 178 179[B<rsa:>]I<nbits> generates an RSA key I<nbits> in size. 180If I<nbits> is omitted, i.e., B<-newkey> B<rsa> is specified, 181the default key size specified in the configuration file 182with the B<default_bits> option is used if present, else 2048. 183 184All other algorithms support the B<-newkey> I<algname>:I<file> form, where 185I<file> is an algorithm parameter file, created with C<openssl genpkey -genparam> 186or an X.509 certificate for a key with appropriate algorithm. 187 188B<param:>I<file> generates a key using the parameter file or certificate 189I<file>, the algorithm is determined by the parameters. 190 191I<algname>[:I<file>] generates a key using the given algorithm I<algname>. 192If a parameter file I<file> is given then the parameters specified there 193are used, where the algorithm parameters must match I<algname>. 194If algorithm parameters are not given, 195any necessary parameters should be specified via the B<-pkeyopt> option. 196 197B<dsa:>I<filename> generates a DSA key using the parameters 198in the file I<filename>. B<ec:>I<filename> generates EC key (usable both with 199ECDSA or ECDH algorithms), B<gost2001:>I<filename> generates GOST R 20034.10-2001 key (requires B<gost> engine configured in the configuration 201file). If just B<gost2001> is specified a parameter set should be 202specified by B<-pkeyopt> I<paramset:X> 203 204=item B<-pkeyopt> I<opt>:I<value> 205 206Set the public key algorithm option I<opt> to I<value>. The precise set of 207options supported depends on the public key algorithm used and its 208implementation. 209See L<openssl-genpkey(1)/KEY GENERATION OPTIONS> for more details. 210 211=item B<-key> I<filename>|I<uri> 212 213This option provides the private key for signing a new certificate or 214certificate request. 215Unless B<-in> is given, the corresponding public key is placed in 216the new certificate or certificate request, resulting in a self-signature. 217 218For certificate signing this option is overridden by the B<-CA> option. 219 220This option also accepts PKCS#8 format private keys for PEM format files. 221 222=item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE> 223 224The format of the private key; unspecified by default. 225See L<openssl-format-options(1)> for details. 226 227=item B<-keyout> I<filename> 228 229This gives the filename to write any private key to that has been newly created 230or read from B<-key>. If neither the B<-keyout> option nor the B<-key> option 231are given then the filename specified in the configuration file with the 232B<default_keyfile> option is used, if present. Thus, if you want to write the 233private key and the B<-key> option is provided, you should provide the 234B<-keyout> option explicitly. If a new key is generated and no filename is 235specified the key is written to standard output. 236 237=item B<-noenc> 238 239If this option is specified then if a private key is created it 240will not be encrypted. 241 242=item B<-nodes> 243 244This option is deprecated since OpenSSL 3.0; use B<-noenc> instead. 245 246=item B<-I<digest>> 247 248This specifies the message digest to sign the request. 249Any digest supported by the OpenSSL B<dgst> command can be used. 250This overrides the digest algorithm specified in 251the configuration file. 252 253Some public key algorithms may override this choice. For instance, DSA 254signatures always use SHA1, GOST R 34.10 signatures always use 255GOST R 34.11-94 (B<-md_gost94>), Ed25519 and Ed448 never use any digest. 256 257=item B<-config> I<filename> 258 259This allows an alternative configuration file to be specified. 260Optional; for a description of the default value, 261see L<openssl(1)/COMMAND SUMMARY>. 262 263=item B<-section> I<name> 264 265Specifies the name of the section to use; the default is B<req>. 266 267=item B<-subj> I<arg> 268 269Sets subject name for new request or supersedes the subject name 270when processing a certificate request. 271 272The arg must be formatted as C</type0=value0/type1=value1/type2=...>. 273Special characters may be escaped by C<\> (backslash), whitespace is retained. 274Empty values are permitted, but the corresponding type will not be included 275in the request. 276Giving a single C</> will lead to an empty sequence of RDNs (a NULL-DN). 277Multi-valued RDNs can be formed by placing a C<+> character instead of a C</> 278between the AttributeValueAssertions (AVAs) that specify the members of the set. 279Example: 280 281C</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe> 282 283=item B<-multivalue-rdn> 284 285This option has been deprecated and has no effect. 286 287=item B<-x509> 288 289This option outputs a certificate instead of a certificate request. 290This is typically used to generate test certificates. 291It is implied by the B<-CA> option. 292 293This option implies the B<-new> flag if B<-in> is not given. 294 295If an existing request is specified with the B<-in> option, it is converted 296to a certificate; otherwise a request is created from scratch. 297 298Unless specified using the B<-set_serial> option, 299a large random number will be used for the serial number. 300 301Unless the B<-copy_extensions> option is used, 302X.509 extensions are not copied from any provided request input file. 303 304X.509 extensions to be added can be specified in the configuration file, 305possibly using the B<-config> and B<-extensions> options, 306and/or using the B<-addext> option. 307 308Unless B<-x509v1> is given, generated certificates bear X.509 version 3. 309Unless specified otherwise, 310key identifier extensions are included as described in L<x509v3_config(5)>. 311 312=item B<-x509v1> 313 314Request generation of certificates with X.509 version 1. 315This implies B<-x509>. 316If X.509 extensions are given, anyway X.509 version 3 is set. 317 318=item B<-CA> I<filename>|I<uri> 319 320Specifies the "CA" certificate to be used for signing a new certificate 321and implies use of B<-x509>. 322When present, this behaves like a "micro CA" as follows: 323The subject name of the "CA" certificate is placed as issuer name in the new 324certificate, which is then signed using the "CA" key given as specified below. 325 326=item B<-CAkey> I<filename>|I<uri> 327 328Sets the "CA" private key to sign a certificate with. 329The private key must match the public key of the certificate given with B<-CA>. 330If this option is not provided then the key must be present in the B<-CA> input. 331 332=item B<-not_before> I<date> 333 334When B<-x509> is in use this allows the start date to be explicitly set, 335otherwise it is ignored. The format of I<date> is YYMMDDHHMMSSZ (the 336same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as an 337ASN1 GeneralizedTime structure). In both formats, seconds SS and 338timezone Z must be present. 339Alternatively, you can also use "today". 340 341=item B<-not_after> I<date> 342 343When B<-x509> is in use this allows the expiry date to be explicitly 344set, otherwise it is ignored. The format of I<date> is YYMMDDHHMMSSZ 345(the same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as 346an ASN1 GeneralizedTime structure). In both formats, seconds SS and 347timezone Z must be present. 348Alternatively, you can also use "today". 349 350This overrides the B<-days> option. 351 352=item B<-days> I<n> 353 354When B<-x509> is in use this specifies the number of days from today to 355certify the certificate for, otherwise it is ignored. I<n> should 356be a positive integer. The default is 30 days. 357 358Regardless of the option B<-not_before>, the days are always counted from 359today. 360When used together with the option B<-not_after>, the explicit expiry 361date takes precedence. 362 363=item B<-set_serial> I<n> 364 365Serial number to use when outputting a self-signed certificate. 366This may be specified as a decimal value or a hex value if preceded by C<0x>. 367If not given, a large random number will be used. 368 369=item B<-copy_extensions> I<arg> 370 371Determines how X.509 extensions in certificate requests should be handled 372when B<-x509> is in use. 373If I<arg> is B<none> or this option is not present then extensions are ignored. 374If I<arg> is B<copy> or B<copyall> then 375all extensions in the request are copied to the certificate. 376 377The main use of this option is to allow a certificate request to supply 378values for certain extensions such as subjectAltName. 379 380=item B<-extensions> I<section>, 381B<-reqexts> I<section> 382 383Can be used to override the name of the configuration file section 384from which X.509 extensions are included 385in the certificate (when B<-x509> is in use) or certificate request. 386This allows several different sections to be used in the same configuration 387file to specify requests for a variety of purposes. 388 389=item B<-addext> I<ext> 390 391Add a specific extension to the certificate (if B<-x509> is in use) 392or certificate request. The argument must have the form of 393a C<key=value> pair as it would appear in a config file. 394 395If an extension is added using this option that has the same OID as one 396defined in the extension section of the config file, it overrides that one. 397 398This option can be given multiple times. 399Doing so, the same key most not be given more than once. 400 401=item B<-precert> 402 403A poison extension will be added to the certificate, making it a 404"pre-certificate" (see RFC6962). This can be submitted to Certificate 405Transparency logs in order to obtain signed certificate timestamps (SCTs). 406These SCTs can then be embedded into the pre-certificate as an extension, before 407removing the poison and signing the certificate. 408 409This implies the B<-new> flag. 410 411=item B<-utf8> 412 413This option causes field values to be interpreted as UTF8 strings, by 414default they are interpreted as ASCII. This means that the field 415values, whether prompted from a terminal or obtained from a 416configuration file, must be valid UTF8 strings. 417 418=item B<-reqopt> I<option> 419 420Customise the printing format used with B<-text>. The I<option> argument can be 421a single option or multiple options separated by commas. 422 423See discussion of the B<-certopt> parameter in the L<openssl-x509(1)> 424command. 425 426=item B<-newhdr> 427 428Adds the word B<NEW> to the PEM file header and footer lines on the outputted 429request. Some software (Netscape certificate server) and some CAs need this. 430 431=item B<-batch> 432 433Non-interactive mode. 434 435=item B<-verbose> 436 437Print extra details about the operations being performed. 438 439=item B<-quiet> 440 441Print fewer details about the operations being performed, which may be 442handy during batch scripts or pipelines (specifically "progress dots" 443during key generation are suppressed). 444 445=item B<-keygen_engine> I<id> 446 447Specifies an engine (by its unique I<id> string) which would be used 448for key generation operations. 449 450{- $OpenSSL::safe::opt_name_item -} 451 452{- $OpenSSL::safe::opt_r_item -} 453 454{- $OpenSSL::safe::opt_engine_item -} 455 456{- $OpenSSL::safe::opt_provider_item -} 457 458=back 459 460=head1 CONFIGURATION FILE FORMAT 461 462The configuration options are specified in the B<req> section of 463the configuration file. An alternate name be specified by using the 464B<-section> option. 465As with all configuration files, if no 466value is specified in the specific section then 467the initial unnamed or B<default> section is searched too. 468 469The options available are described in detail below. 470 471=over 4 472 473=item B<input_password>, B<output_password> 474 475The passwords for the input private key file (if present) and 476the output private key file (if one will be created). The 477command line options B<passin> and B<passout> override the 478configuration file values. 479 480=item B<default_bits> 481 482Specifies the default key size in bits. 483 484This option is used in conjunction with the B<-new> option to generate 485a new key. It can be overridden by specifying an explicit key size in 486the B<-newkey> option. The smallest accepted key size is 512 bits. If 487no key size is specified then 2048 bits is used. 488 489=item B<default_keyfile> 490 491This is the default filename to write a private key to. If not 492specified the key is written to standard output. This can be 493overridden by the B<-keyout> option. 494 495=item B<oid_file> 496 497This specifies a file containing additional B<OBJECT IDENTIFIERS>. 498Each line of the file should consist of the numerical form of the 499object identifier followed by whitespace then the short name followed 500by whitespace and finally the long name. 501 502=item B<oid_section> 503 504This specifies a section in the configuration file containing extra 505object identifiers. Each line should consist of the short name of the 506object identifier followed by B<=> and the numerical form. The short 507and long names are the same when this option is used. 508 509=item B<RANDFILE> 510 511At startup the specified file is loaded into the random number generator, 512and at exit 256 bytes will be written to it. 513It is used for private key generation. 514 515=item B<encrypt_key> 516 517If this is set to B<no> then if a private key is generated it is 518B<not> encrypted. This is equivalent to the B<-noenc> command line 519option. For compatibility B<encrypt_rsa_key> is an equivalent option. 520 521=item B<default_md> 522 523This option specifies the digest algorithm to use. Any digest supported by the 524OpenSSL B<dgst> command can be used. This option can be overridden on the 525command line. Certain signing algorithms (i.e. Ed25519 and Ed448) will ignore 526any digest that has been set. 527 528=item B<string_mask> 529 530This option masks out the use of certain string types in certain 531fields. Most users will not need to change this option. It can be set to 532several values: 533 534=over 4 535 536=item B<utf8only> 537- only UTF8Strings are used (this is the default value) 538 539=item B<pkix> 540- any string type except T61Strings 541 542=item B<nombstr> 543- any string type except BMPStrings and UTF8Strings 544 545=item B<default> 546- any kind of string type 547 548=back 549 550Note that B<utf8only> is the PKIX recommendation in RFC2459 after 2003, and the 551default B<string_mask>; B<default> is not the default option. The B<nombstr> 552value is a workaround for some software that has problems with variable-sized 553BMPStrings and UTF8Strings. 554 555=item B<req_extensions> 556 557This specifies the configuration file section containing a list of 558extensions to add to the certificate request. It can be overridden 559by the B<-reqexts> (or B<-extensions>) command line switch. See the 560L<x509v3_config(5)> manual page for details of the 561extension section format. 562 563=item B<x509_extensions> 564 565This specifies the configuration file section containing a list of 566extensions to add to certificate generated when B<-x509> is in use. 567It can be overridden by the B<-extensions> command line switch. 568 569=item B<prompt> 570 571If set to the value B<no> this disables prompting of certificate fields 572and just takes values from the config file directly. It also changes the 573expected format of the B<distinguished_name> and B<attributes> sections. 574 575=item B<utf8> 576 577If set to the value B<yes> then field values to be interpreted as UTF8 578strings, by default they are interpreted as ASCII. This means that 579the field values, whether prompted from a terminal or obtained from a 580configuration file, must be valid UTF8 strings. 581 582=item B<attributes> 583 584This specifies the section containing any request attributes: its format 585is the same as B<distinguished_name>. Typically these may contain the 586challengePassword or unstructuredName types. They are currently ignored 587by OpenSSL's request signing utilities but some CAs might want them. 588 589=item B<distinguished_name> 590 591This specifies the section containing the distinguished name fields to 592prompt for when generating a certificate or certificate request. The format 593is described in the next section. 594 595=back 596 597=head1 DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT 598 599There are two separate formats for the distinguished name and attribute 600sections. If the B<prompt> option is set to B<no> then these sections 601just consist of field names and values: for example, 602 603 CN=My Name 604 OU=My Organization 605 emailAddress=someone@somewhere.org 606 607This allows external programs (e.g. GUI based) to generate a template file with 608all the field names and values and just pass it to this command. An example 609of this kind of configuration file is contained in the B<EXAMPLES> section. 610 611Alternatively if the B<prompt> option is absent or not set to B<no> then the 612file contains field prompting information. It consists of lines of the form: 613 614 fieldName="prompt" 615 fieldName_default="default field value" 616 fieldName_min= 2 617 fieldName_max= 4 618 619"fieldName" is the field name being used, for example commonName (or CN). 620The "prompt" string is used to ask the user to enter the relevant 621details. If the user enters nothing then the default value is used if no 622default value is present then the field is omitted. A field can 623still be omitted if a default value is present if the user just 624enters the '.' character. 625 626The number of characters entered must be between the fieldName_min and 627fieldName_max limits: there may be additional restrictions based 628on the field being used (for example countryName can only ever be 629two characters long and must fit in a PrintableString). 630 631Some fields (such as organizationName) can be used more than once 632in a DN. This presents a problem because configuration files will 633not recognize the same name occurring twice. To avoid this problem 634if the fieldName contains some characters followed by a full stop 635they will be ignored. So for example a second organizationName can 636be input by calling it "1.organizationName". 637 638The actual permitted field names are any object identifier short or 639long names. These are compiled into OpenSSL and include the usual 640values such as commonName, countryName, localityName, organizationName, 641organizationalUnitName, stateOrProvinceName. Additionally emailAddress 642is included as well as name, surname, givenName, initials, and dnQualifier. 643 644Additional object identifiers can be defined with the B<oid_file> or 645B<oid_section> options in the configuration file. Any additional fields 646will be treated as though they were a DirectoryString. 647 648 649=head1 EXAMPLES 650 651Examine and verify certificate request: 652 653 openssl req -in req.pem -text -verify -noout 654 655Create a private key and then generate a certificate request from it: 656 657 openssl genrsa -out key.pem 2048 658 openssl req -new -key key.pem -out req.pem 659 660The same but just using req: 661 662 openssl req -newkey rsa:2048 -keyout key.pem -out req.pem 663 664Generate a self-signed root certificate: 665 666 openssl req -x509 -newkey rsa:2048 -keyout key.pem -out req.pem 667 668Create an SM2 private key and then generate a certificate request from it: 669 670 openssl ecparam -genkey -name SM2 -out sm2.key 671 openssl req -new -key sm2.key -out sm2.csr -sm3 -sigopt "distid:1234567812345678" 672 673Examine and verify an SM2 certificate request: 674 675 openssl req -verify -in sm2.csr -sm3 -vfyopt "distid:1234567812345678" 676 677Example of a file pointed to by the B<oid_file> option: 678 679 1.2.3.4 shortName A longer Name 680 1.2.3.6 otherName Other longer Name 681 682Example of a section pointed to by B<oid_section> making use of variable 683expansion: 684 685 testoid1=1.2.3.5 686 testoid2=${testoid1}.6 687 688Sample configuration file prompting for field values: 689 690 [ req ] 691 default_bits = 2048 692 default_keyfile = privkey.pem 693 distinguished_name = req_distinguished_name 694 attributes = req_attributes 695 req_extensions = v3_ca 696 697 dirstring_type = nobmp 698 699 [ req_distinguished_name ] 700 countryName = Country Name (2 letter code) 701 countryName_default = AU 702 countryName_min = 2 703 countryName_max = 2 704 705 localityName = Locality Name (eg, city) 706 707 organizationalUnitName = Organizational Unit Name (eg, section) 708 709 commonName = Common Name (eg, YOUR name) 710 commonName_max = 64 711 712 emailAddress = Email Address 713 emailAddress_max = 40 714 715 [ req_attributes ] 716 challengePassword = A challenge password 717 challengePassword_min = 4 718 challengePassword_max = 20 719 720 [ v3_ca ] 721 722 subjectKeyIdentifier=hash 723 authorityKeyIdentifier=keyid:always,issuer:always 724 basicConstraints = critical, CA:true 725 726Sample configuration containing all field values: 727 728 729 [ req ] 730 default_bits = 2048 731 default_keyfile = keyfile.pem 732 distinguished_name = req_distinguished_name 733 attributes = req_attributes 734 prompt = no 735 output_password = mypass 736 737 [ req_distinguished_name ] 738 C = GB 739 ST = Test State or Province 740 L = Test Locality 741 O = Organization Name 742 OU = Organizational Unit Name 743 CN = Common Name 744 emailAddress = test@email.address 745 746 [ req_attributes ] 747 challengePassword = A challenge password 748 749Example of giving the most common attributes (subject and extensions) 750on the command line: 751 752 openssl req -new -subj "/C=GB/CN=foo" \ 753 -addext "subjectAltName = DNS:foo.co.uk" \ 754 -addext "certificatePolicies = 1.2.3.4" \ 755 -newkey rsa:2048 -keyout key.pem -out req.pem 756 757 758=head1 NOTES 759 760The certificate requests generated by B<Xenroll> with MSIE have extensions 761added. It includes the B<keyUsage> extension which determines the type of 762key (signature only or general purpose) and any additional OIDs entered 763by the script in an B<extendedKeyUsage> extension. 764 765=head1 DIAGNOSTICS 766 767The following messages are frequently asked about: 768 769 Using configuration from /some/path/openssl.cnf 770 Unable to load config info 771 772This is followed some time later by: 773 774 unable to find 'distinguished_name' in config 775 problems making Certificate Request 776 777The first error message is the clue: it can't find the configuration 778file! Certain operations (like examining a certificate request) don't 779need a configuration file so its use isn't enforced. Generation of 780certificates or requests however does need a configuration file. This 781could be regarded as a bug. 782 783Another puzzling message is this: 784 785 Attributes: 786 a0:00 787 788this is displayed when no attributes are present and the request includes 789the correct empty B<SET OF> structure (the DER encoding of which is 0xa0 7900x00). If you just see: 791 792 Attributes: 793 794then the B<SET OF> is missing and the encoding is technically invalid (but 795it is tolerated). See the description of the command line option B<-asn1-kludge> 796for more information. 797 798=head1 BUGS 799 800OpenSSL's handling of T61Strings (aka TeletexStrings) is broken: it effectively 801treats them as ISO-8859-1 (Latin 1), Netscape and MSIE have similar behaviour. 802This can cause problems if you need characters that aren't available in 803PrintableStrings and you don't want to or can't use BMPStrings. 804 805As a consequence of the T61String handling the only correct way to represent 806accented characters in OpenSSL is to use a BMPString: unfortunately Netscape 807currently chokes on these. If you have to use accented characters with Netscape 808and MSIE then you currently need to use the invalid T61String form. 809 810The current prompting is not very friendly. It doesn't allow you to confirm what 811you've just entered. Other things like extensions in certificate requests are 812statically defined in the configuration file. Some of these: like an email 813address in subjectAltName should be input by the user. 814 815=head1 SEE ALSO 816 817L<openssl(1)>, 818L<openssl-x509(1)>, 819L<openssl-ca(1)>, 820L<openssl-genrsa(1)>, 821L<openssl-gendsa(1)>, 822L<config(5)>, 823L<x509v3_config(5)> 824 825=head1 HISTORY 826 827The B<-section> option was added in OpenSSL 3.0.0. 828 829The B<-multivalue-rdn> option has become obsolete in OpenSSL 3.0.0 and 830has no effect. 831 832The B<-engine> option was deprecated in OpenSSL 3.0. 833The <-nodes> option was deprecated in OpenSSL 3.0, too; use B<-noenc> instead. 834 835The B<-reqexts> option has been made an alias of B<-extensions> in OpenSSL 3.2. 836 837Since OpenSSL 3.2, 838generated certificates bear X.509 version 3 unless B<-x509v1> is given, 839and key identifier extensions are included by default. 840 841Since OpenSSL 3.3, the B<-verify> option will exit with 1 on failure. 842 843=head1 COPYRIGHT 844 845Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. 846 847Licensed under the Apache License 2.0 (the "License"). You may not use 848this file except in compliance with the License. You can obtain a copy 849in the file LICENSE in the source distribution or at 850L<https://www.openssl.org/source/license.html>. 851 852=cut 853