apps/req.c: flag "-new" is implied by "-precert"

    print "Cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;

} elsif ($WHAT eq '-precert' ) {

    # create a pre-certificate

    $RET = run("$REQ -new -x509 -precert -keyout $NEWKEY -out $NEWCERT $DAYS");

    $RET = run("$REQ -x509 -precert -keyout $NEWKEY -out $NEWCERT $DAYS");

    print "Pre-cert is in $NEWCERT, private key is in $NEWKEY\n" if $RET == 0;

} elsif ($WHAT eq '-newreq' ) {

    # create a certificate request

     "Cert extension section (override value in config file)"},

    {"reqexts", OPT_REQEXTS, 's',

     "Request extension section (override value in config file)"},

    {"precert", OPT_PRECERT, '-', "Add a poison extension"},

    {"precert", OPT_PRECERT, '-', "Add a poison extension (implies -new)"},

    {"", OPT_MD, '-', "Any supported digest"},

#ifndef OPENSSL_NO_ENGINE

    {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},

    int pkey_type = -1, private = 0;

    int informat = FORMAT_PEM, outformat = FORMAT_PEM, keyform = FORMAT_PEM;

    int modulus = 0, multirdn = 0, verify = 0, noout = 0, text = 0;

    int nodes = 0, newhdr = 0, subject = 0, pubkey = 0;

    int precert = 0;

    int nodes = 0, newhdr = 0, subject = 0, pubkey = 0, precert = 0;

    long newkey = -1;

    unsigned long chtype = MBSTRING_ASC, nmflag = 0, reqflag = 0;

    char nmflag_set = 0;

            req_exts = opt_arg();

            break;

        case OPT_PRECERT:

            precert = 1;

            newreq = precert = 1;

            break;

        case OPT_MD:

            if (!opt_md(opt_unknown(), &md_alg))

These SCTs can then be embedded into the pre-certificate as an extension, before

removing the poison and signing the certificate.

This implies the B<-new> flag.

=item B<-utf8>

this option causes field values to be interpreted as UTF8 strings, by