Openssl does not read default values from openssl.cnf

I am using the following command to create a certificate request:

openssl req -config openssl.cnf -new -out [filename].csr -passout pass:[passwor开发者_StackOverflowd]

The openssl.cnf file is in the directory that I run the command from.

The problem is that I am still prompted to submit the values for country, state, locality, etc.

I want to do this programmatically, without someone having to step in and type these values. Shouldn't openssl.cnf provide the default values to be used? Am I missing an argument or something?

In your case the correct syntax would be:

openssl req -batch -config openssl.cnf -new -out [filename].csr -passout pass:[password]

A 2048b RSA private key will be generated at the same time in 'privkey.pem'.
If you prefer creating a request for a pre-existing key, add option :

-key [keyfile]