I think I have the right OpenSSL command to sign a certificate but I've gotten stuck and the tutorials I've found use a different argument format (I'm using OpenSSL 0.9.8o 01 Jun 2010).
openssl ca -cert cert.pem -keyfile key.pem
(Private key is not encryped and CSR is on stdin.)
It gives this error
Using configuration from /usr/lib/ssl/openssl.cnf./demoCA/index.txt: No such file or directoryunable to open './demoCA/index.txt'Looking at that configuration file:
[ ca ]default_ca = CA_default # The default ca section[ CA_default ]dir = ./demoCA # Where everything is keptcerts = $dir/certs # Where the issued certs are keppcrl_dir = $dir/crl # Where the issued crl are keptdatabase = $dir/index.txt # database index file.I don't have any of this set up. I don't want to set any of this up.
Is it strictly nessecary, or is there a "don't bother" option?
I tried creating empty directories and files but I've got in a tangle. What I really want is for a command like the above to work, with the output on stdout, without touching anything on the filesystem.