Openssl: Generate CSR for private key read from stdin

Question

I am tring to get openssl to generate a CSR for an existing private key using the windows binary of OpenSSL.

Normally the command line for this would be:

openssl.exe req -new -sha256 -out test.csr -key privkey.pem

However for security reasons I'd like to provide the key via standard input so I don't need to store the private key file on disk.

There was a similar question with a solution specific to Linux, however I am using Windows so that cannot be applied.

The private key file isn't stored anywhere? How do you use it? — Hyppy, May 06 '15 at 16:06

Gerald Schneider · Accepted Answer · 2017-04-10T09:35:54.557

2

Unlike the Linux build the Windows build of openssl supports - to tell the application to read from stdin.

openssl.exe req -new -sha256 -out test.csr -key -

Another option would be to use a RAM drive to store the key file temporarily.

edited Apr 10 '17 at 09:35

answered Apr 10 '17 at 09:25

Gerald Schneider

1 Answers1