OpenVPN / easy-rsa

easy-rsa - Simple shell based CA utility

Adding a silent option to `sign-req` #1032

Closed amittima1234 closed 1 year ago

amittima1234 commented 1 year ago

Today it's hard to automate certificate signing because of the inputs required using the command. I think adding a silent option (a flag to the existing sign-req? a new sign-req-silent altogether?) is important for implanting a fully automated API for the CA.

TinCanTech commented 1 year ago

In the last two weeks alone, Easy-RSA has been uniquely cloned 7000+ times.

The vast majority of those clones go into automated processes, using batch mode.

If you have an issue with Easy-RSA then please describe it.

amittima1234 commented 1 year ago

Do you have an example of such use? Is there a place in the documentation about this mode?

amittima1234 commented 1 year ago

Why did you close this issue? I have been using easy-rsa for a project of mine for about half a year now. The only way I was able to automate sign-req is via expect:

```sh
#!/bin/sh

# Arguments: CA directory, request file, certificate name, certificate type
ca_folder_path=$1
req_file_path=$2
cert_name=$3
cert_type=$4
# CA key passphrase, hard-coded in the script
ca_pass="Aa123456"

cd "$ca_folder_path" || exit 1
echo "$ca_folder_path" "$req_file_path" "$cert_name" "$cert_type"
"$ca_folder_path/easyrsa" import-req "$req_file_path" "$cert_name"
echo "import for $cert_name is done."

# Drive the interactive sign-req prompts with expect
expect -c "
    set timeout -1

    spawn $ca_folder_path/easyrsa sign-req $cert_type $cert_name

    expect \"Confirm request details: \"
    send -- \"yes\n\"

    expect \"Enter pass phrase for $ca_folder_path/pki/private/ca.key:\"
    send -- \"$ca_pass\n\"

    expect eof"

echo "signing for $cert_name is done."
```

What am I missing here?

amittima1234 commented 1 year ago

I've come across some information regarding batch mode, and I'm curious about why there are only two lines mentioning it in the documentation. I admit I didn't notice it when I first installed Easyrsa. The guides explain how to use the CLI manually, which is helpful to begin with, but there's no mention or example of the batch mode, which, in my opinion, is a crucial feature when choosing a CA. Perhaps it would be a good idea to open an issue to request additional information to be added to the documentation?

Additionally, it might be worth considering a reorganization of the documentation. It seems to lack comprehensive information about Easyrsa's features and commands, making it less beginner-friendly. Overall, there's a need for more guides to explain how to effectively maintain and utilize this tool.
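
The batch mode mentioned in this thread, applied to the `import-req` / `sign-req` sequence from the expect script, as an added example that is not part of the original comments or Easy-RSA's own code. It assumes an Easy-RSA 3 release that provides the `--batch` and `--passin` global options; the function name `sign_request` and the passphrase-file argument are hypothetical.

```sh
#!/bin/sh
# sign_request CA_DIR REQ_FILE CERT_NAME CERT_TYPE PASS_FILE
# REQ_FILE and PASS_FILE must be absolute paths; PASS_FILE holds the CA key
# passphrase on its first line (read by openssl via "file:").
sign_request() {
    ca_dir=$1; req_file=$2; cert_name=$3; cert_type=$4; pass_file=$5

    # --batch suppresses the "Confirm request details" prompt, so the checks
    # a human would have made at that prompt are done here instead.
    case $cert_type in
        client|server) ;;
        *) echo "sign_request: unsupported cert type '$cert_type'" >&2; return 2 ;;
    esac
    # The name becomes a file name under pki/, so keep it to a safe alphabet.
    case $cert_name in
        ''|-*|.*|*[!A-Za-z0-9._-]*)
            echo "sign_request: invalid cert name" >&2; return 2 ;;
    esac
    for p in "$req_file" "$pass_file"; do
        case $p in
            /*) ;;
            *) echo "sign_request: '$p' must be an absolute path" >&2; return 2 ;;
        esac
        [ -f "$p" ] || { echo "sign_request: '$p' not found" >&2; return 2; }
    done
    # Refuse a passphrase file that group or others can access (or a symlink).
    case "$(ls -ld "$pass_file")" in
        -???------*) ;;
        *) echo "sign_request: $pass_file must be mode 0600 or stricter" >&2; return 2 ;;
    esac

    (
        cd "$ca_dir" || exit 1
        ./easyrsa --batch import-req "$req_file" "$cert_name" || exit 1
        # file: keeps the passphrase out of the script and the process list.
        ./easyrsa --batch --passin="file:$pass_file" sign-req "$cert_type" "$cert_name"
    )
}
```

Because batch mode signs without showing the request, whatever calls `sign_request` is the only place left to decide whether a given request should be signed at all.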

TinCanTech commented 1 year ago

I agree, Easy-RSA has room for a beginners guide; I have even started working on one.

amittima1234 commented 1 year ago

Did you open an issue about the subject where I can elaborate further and potentially contribute to the effort?

TinCanTech commented 1 year ago

You are free to act as you please.

I closed this so-called issue because you clearly implied that you have not read any documentation.