OpenSSL command line on F5 LTM CSR/key generation

Is all of your organizational information the same across certificates, just the subject changing? When we went through a cert refresh exercise, I recall pre-generating openssl 'config' files that housed all of the certificate details (as we also had some that needed SAN extensions). Once we had a directory full of the config files, batch generation was done by listing the directory and piping through the bash command 'xargs' that popped the config file name into an openssl command to generate key and CSR based on the config. (The config files were generated with some Python that pulled necessary information from the existing certs.)

Sorry if this doesn't help but wanted to pass along the idea of config files and 'xargs'. As the solution was 'mediocre but expedient' I didn't commit it to memory assuming we'd do something more elegant next round. ;)