[openssl-users] 'openssl ca -serial' command line always exit with error 1 ?
Michael Wojcik
Michael.Wojcik at microfocus.com
Tue Apr 28 14:21:50 UTC 2020
> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of
> tincanteksup
> Sent: Tuesday, April 28, 2020 07:02
> [tct at arch-hyv-live-64 pki]$ openssl ca -verbose -config safessl-easyrsa.cnf
> -keyfile private/ca.key -cert ca.crt -status $serial_number
>
> [tct at arch-hyv-live-64 pki]$ echo $?
>
> Note exit status
Yes, with a pure OpenSSL-based test CA I get an exit code of 1 for this command too.
That was with OpenSSL 1.1.1 (which I apparently still have installed on this machine as my default dev openssl utility version, even though we're using 1.1.1g in the actual products). My guess is this hasn't changed with 1.1.1g, though, since I don't remember seeing anything in the change log about it.
I don't have time to debug it at the moment, though.
The openssl utility appears to exit with exit code 1 in a lot of situations. And it doesn't use the standard C exit code macros (EXIT_SUCCESS and EXIT_FAILURE). The exit codes for the utility seem to be a holdover from the days when OpenSSL was very idiosyncratic, instead of merely quite idiosyncratic as it is now.
--
Michael Wojcik
Distinguished Engineer, Micro Focus
More information about the openssl-users
mailing list