Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Creating Client and Server Certificates issue #814

Open
ptkien90 opened this issue Oct 26, 2024 · 1 comment
Open

Creating Client and Server Certificates issue #814

ptkien90 opened this issue Oct 26, 2024 · 1 comment

Comments

@ptkien90
Copy link

ptkien90 commented Oct 26, 2024
edited
Loading

Hi all, I am facing an issue when creating Client and Server Certificates on the jump box. When executing the command below, I receive the following message. I am using OpenSSL version 1.1.1f 31 Mar 2020. It only creates the *.key file, without generating the *.crt and *.csr files. What should I do to address this issue? When I tried to remove -section ${i} and -copy_extensions copyall, it worked fine.

root@jumpbox:~/kubernetes-the-hard-way# for i in ${certs[*]}; do

openssl genrsa -out "${i}.key" 4096

openssl req -new -key "${i}.key" -sha256
-config "ca.conf" -section ${i}
-out "${i}.csr"

openssl x509 -req -days 3653 -in "${i}.csr"
-copy_extensions copyall
-sha256 -CA "ca.crt"
-CAkey "ca.key"
-CAcreateserial
-out "${i}.crt"
done
Generating RSA private key, 4096 bit long modulus (2 primes)
.++++
...............................................................................................................................................................................................................................................................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
...............................................................++++
...............................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
......................................................................................................................................................................................................................................++++
.........................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
............................................................................++++
....++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
..............................................................................................++++
....................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
......................................................++++
.....................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
......................................................................++++
..............................................................................................................................................................................................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
..............................................++++
......................................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
@joey-grant
Copy link

I am using OpenSSL version 1.1.1f 31 Mar 2020

Hello there! It looks like you need to bump up to OpenSSL 3. Debian Bookworm, the OS listed as a requirement for this repo's labs, ships with OpenSSL 3.

Hope this helps!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joey-grant @ptkien90