[openssl-users] openssl ca pkcs11 UI_set_result_ex:result too large:crypto/ui/ui_lib.c:910:You must type in 4 to 32 characters
Peter Magnusson
blaufish.public.email at gmail.com
Thu Oct 18 14:27:49 UTC 2018
Thanks =)
This is similar to other commands, e.g. ssh, tpm2-tools, etc
inconsistencies between different flags between different
sub-commands.
Getting it right the first time is easier said than done and changing
command line behaviour later on breaks user scripts etc.
//P
On Wed, Oct 17, 2018 at 10:13 AM Richard Levitte <levitte at openssl.org> wrote:
>
> In message <CANtcRX4xLxcOVa0iszyo4RLBuFxa7BenA2OZw9QA-KP-=BAzpQ at mail.gmail.com> on Tue, 16 Oct 2018 10:34:31 +0200, Peter Magnusson <blaufish.public.email at gmail.com> said:
>
> > Sorry, I am an idiot =)
>
> No you're not.
>
> > Problem resolved, user error. -key was the problem and should not be
> > used as I showed.
> >
> > -key has a different meaning for openssl ca than for openssl req, so
> > my PIN was my -key argument. It got my keyfile from the openssl conf
> > file.
>
> And this is precisely why you're not an idiot. We're not consistent
> between openssl sub-commands, so no wonder you get confused. It's a
> pattern thing, we catch on to similar patterns (such as option names).
>
> We really should look over those options... (but with all the other
> stuff we have going on, I'm afraid this isn't the highest on our
> priority list)
>
> Cheers,
> Richard
>
> --
> Richard Levitte levitte at openssl.org
> OpenSSL Project http://www.openssl.org/~levitte/
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
More information about the openssl-users
mailing list