since the openssl.cnf path is hardcoded in binaries. to alter it on windows set environmental variable (as written):

OPENSSLDIR=C:\PATH\TO\OpenSSL\bin
OPENSSL_CONF=C:\PATH\TO\OpenSSL\bin\openssl.cnf

OPENSSL_CONF doesn’t work without OPENSSLDIR even if it is set.

settings these options will allow you to use your custom configuration files when creating certificates.

batch file i use to create certificate

GenCERT.bat [save this file to OpenSSL bin directory]

@echo off 

md %1

openssl genrsa -des3 -out %1/%1.key 1024

openssl req -new -key %1/%1.key -out %1/%1.csr

copy %1/%1.key %1/%1.key.org

openssl rsa -in %1/%1.key.org -out %1/%1.key

openssl x509 -req -days 365 -in %1/%1.csr -signkey %1/%1.key -out %1/%1.crt

openssl x509 -outform der -in %1/%1.crt -out %1/%1.der

Sample

:: Start command line and cd to C:\PATH\TO\OpenSSL\bin
::
:: usage: GenCERT.bat domain.com
::

GenCERT.bat teknober.com

Batch file I use to create SSL certificate for Web etc server

GenPEM.bat [save this file to OpenSSL bin directory] 

@echo off

mkdir %1

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout %1/%1.pem -out %1/%1.pem -config "%1/%1.cfg"

Sample

:: Start command line and cd to C:\PATH\TO\OpenSSL\bin
::
:: usage: GenPEM.bat domain.com
::

GenPEM.bat teknober.com

for sample ssl configuration file see the bottom of the page: http://www.openssl.org/docs/apps/ca.html