0

I wand to have a C# function that would generate x509 certificate by executing openssl commands. I found this post: Execute multiple command prompt commands from c#, which was very helpful,so my function will look like something like this:

            Process cmd = new Process();

            cmd.StartInfo.FileName = "cmd.exe";
            cmd.StartInfo.RedirectStandardInput = true;
            cmd.StartInfo.UseShellExecute = false;

            cmd.Start();

            using (StreamWriter sw = cmd.StandardInput)
            {
                if (sw.BaseStream.CanWrite)
                {
                    sw.WriteLine("openssl genrsa -aes256 -out E:\\testing_folder\\test_file_com.key.pem 2048");
                    //other openssl commands
                }
            }

but for me, I am trying to generate the x509 certificate =>

  1. First, I am generating private key as a file privkey.key
  2. Then I am executing the openssl command 'req -new -sha256 -key privkey.key -out cert.csr' to generate csr certificate, and when executing this, there is a prompt asking you for country name, state/province, password, etc.:
  3. List item

So my question is,Is it possible to run this command with a prefilled parameter so the user does not need to interact with it? in my C# function, how would I write answers to these prompts and execute the commands feeding the answers to the prompts without having the user respond to the prompts?

Thanks in advance!!

Mary
  • 131
  • 2
  • 10
  • I am just thinking. Correct me if I am wrong. You are using c# to execute the command not more no less. So the question should be is it possible to run this command with a prefilled parameter so the user does not need to interact with it? – Maytham Fahmi May 22 '22 at 00:26
  • @MaythamFahmi yeah, you're right. I'll update the question, it was hard to formulate it haha thanks – Mary May 22 '22 at 00:29
  • Some things to think about: OpenSSL documentation is quite clear, you can set `-prompt no` and pass a `distinguished_name` in a config file. See https://www.openssl.org/docs/man1.0.2/man1/openssl-req.html#DISTINGUISHED-NAME-AND-ATTRIBUTE-SECTION-FORMAT. It also documents how you can generate the key and request in one command. Also, instead of executing `cmd` and passing a command, just execute `openssl` directly. And to be honest, consider not using OpenSSL altogether, instead use the many cryptographic functions in .Net such as `X509Certificate2` – Charlieface May 22 '22 at 02:04
  • Why write C# to invoke a program when you can just write C# to perform your task? The CertificateRequest class can build self-signed certificates just fine. – bartonjs May 22 '22 at 18:51

0 Answers0