OpenSSL
S/MIME Certificate
Generate CSR Configuration
cat << EOF > csr.conf
[ req ]
default_bits = 2048
prompt = no
distinguished_name = dn
string_mask = utf8only
[ dn ]
C = JP
ST = Tokyo
O = Company Name
organizationIdentifier = NTRJP-1234-56-789012
CN = Your Name
emailAddress = email@example.com
EOF
Generate Private Key and CSR for S/MIME Certificate Request
#openssl req -new -newkey rsa:2048 -nodes -keyout private.key -out request.csr
openssl req -new -newkey rsa:2048 -nodes -keyout private.key -out request.csr -config csr.conf
## Country Name (2 letter code) [AU]:
## State or Province Name (full name) [Some-State]:
## Locality Name (eg, city) []:
## Organization Name (eg, company) [Internet Widgits Pty Ltd]:
## Organizational Unit Name (eg, section) []:
## Common Name (e.g. server FQDN or YOUR name) []:
## Email Address []:
Confirmation
openssl req -in request.csr -noout -text
openssl req -in request.csr -noout -subject -nameopt oid
## subject=2.5.4.6=JP, 2.5.4.8=Tokyo, 2.5.4.10=Company Name, 2.5.4.97=NTRJP-1234-56-789012, 2.5.4.3=Your Name, 1.2.840.113549.1.9.1=email@example.com
Export PKCS#12 from Private Key and Certificate
openssl pkcs12 -export -inkey private.key -in certificate.crt -out smime.pfx
References