[openssl-dev] [openssl.org #4655] Openssl req seems not to work with precreated key
Richard Levitte via RT
rt at openssl.org
Mon Aug 22 13:00:05 UTC 2016
The issue isn't with the pre-created key, but because '-x509' doesn't fully
flag that something new is to be created. The freeze is because 'openssl req'
tries to read a csr... '-newkey', however, does flag the creation of a csr /
x509, that's why the alternative command works.
Fix in https://github.com/openssl/openssl/pull/1479
Cheers,
Richard
On Mon Aug 22 12:33:47 2016, beldmit at gmail.com wrote:
> Hello openssl team,
>
> I experience problems with openssl version OpenSSL 1.1.0-pre7-dev
>
> I use Debian GNU Linux, the version is 8.5
> The kernel version is
> Linux vr-dev 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08)
> x86_64 GNU/Linux
>
> I have created a private key with a command
>
> LD_LIBRARY_PATH=. apps/openssl genrsa -out rsa2048.pem 2048
>
> in the build directory.
>
> When I execute the command
> OPENSSL_CONF=apps/openssl.cnf LD_LIBRARY_PATH=. apps/openssl req -x509 -key
> rsa2048.pem -keyform PEM -out cert.pem
>
> in the build directory, it seems to hang and does not print any prompt.
>
> The command line
> OPENSSL_CONF=apps/openssl.cnf LD_LIBRARY_PATH=. apps/openssl req -x509
> -newkey rsa:2048 -keyout key.pem -out req.pem -nodes
>
> works ok.
>
> What's done wrong by me?
>
--
Richard Levitte
levitte at openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4655
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list