我正在使用Fabric自动创建SSL,但是当我运行类似
的东西时local('openssl genrsa -out /etc/ssl/'+hostname+'/'+hostname+'.key 2048')
更新
如果我将prompt=no放入openssl.cnf,cd至/ssdhome/development/server,请运行:
sudo openssl req -new -key './server.key' -out './server.csr' -config='./openssl.cnf'
openssl打印出help信息,而不是运行上面的命令。我哪里出错?
更新2 : - config不应该有'='符号,而是空格。解决了。还链接到我的openssl.cnf的这个副本,以使其工作:
答案 0 :(得分:1)
使用https://help.ubuntu.com/community/OpenSSL让prompt=no停止投掷错误,并使用-config ./openssl.cnf自动提示,这要归功于用户alecxe。
答案 1 :(得分:1)
请参阅How to answer to prompts automatically with python fabric?
from ilogue.fexpect import expect, expecting, run
def sample():
private_key = "password"
hostname = "ubuntu"
output_dir = '/etc/ssl/' + hostname
prompts = []
prompts += expect('Enter pass phrase for private.key:',private_key)
prompts += expect('Verifying - Enter pass phrase for private.key:private_key',private_key)
prompts += expect('Enter pass phrase for %s/server.key:' % output_dir, private_key)
prompts += expect('Country Name \(2 letter code\) \[AU\]:','AU')
prompts += expect('State or Province Name \(full name\) \[Some-State\]:','State')
prompts += expect('Locality Name \(eg, city\) \[\]:','City')
prompts += expect('Organization Name \(eg, company\) \[Internet Widgits Pty Ltd\]:','Company')
prompts += expect('Organizational Unit Name \(eg, section\) \[\]:','Section')
prompts += expect('Common Name \(e.g. server FQDN or YOUR name\) \[\]:','FQDN')
prompts += expect('Email Address \[\]:','email@foo.com')
prompts += expect('A challenge password \[\]:','challenge_password')
prompts += expect('An optional company name \[\]:','optional_company')
with expecting(prompts):
run('openssl genrsa -des3 -out %s/server.key 2048' % output_dir)
run('openssl req -new -key %s/server.key -out %s/server.csr' % (output_dir, output_dir))
# fab sample -H localhost
正则表达式应用于expect(),你需要转义[,],(,)......