openssl missing equal sign error while generating cert

Question

openssl missing equal sign error while generating cert

kdpuvvadi opened this issue 2 years ago · comments

Getting following error while running

$openssl x509 -req -sha256 -days 3650 -in cert.csr -CA ca.pem -CAkey ca-key.pem -out cert.pem -extfile extfile.cnf -CAcreateserial
x509: Error on line 1 of config file "extfile.cnf"
CC580000:error:07000065:configuration file routines:def_load_bio:missing equal sign:crypto\conf\conf_def.c:513:HERE-->��sline 1

tried different version of openssl and tried building openssl but still same error. anyone have any idea what's going on?

here's the contents of extfile.cnf

subjectAltName=DNS:*.puvvadi.local,IP:10.20.10.246

hmontano · Answer 1 · Mon Aug 08 2022 00:14:45 GMT+0800 (China Standard Time)

I found something that worked for me. Essentially you need to copy the openss.cnf to the selfsigned-certs directory, add subjectAltName under the [ v3_ca ] section, use the config as extfile with -extensions v3_ca.

This worked for Windows machine.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sssd-ldap-domain-ip

Christian Lempa · Answer 2 · Tue Sep 13 2022 22:35:19 GMT+0800 (China Standard Time)

Closed as resolved by user