Invalid openssl command
Azbesciak opened this issue · 1 comments
Azbesciak commented
Hello, please see the command to generate ssl certificate you suggest to execute
# Run these commands from inside the server/ directory!
# Create a certificate authority
openssl genrsa -out root-ca.privkey.pem 2048
# Sign the certificate authority
openssl req -x509 -new -nodes -days 100 -key root-ca.privkey.pem -out root-ca.cert.pem -subj "/C=US/O=Debug certificate/CN=localhost" -extensions v3_ca -config openssl_config.txt
# create DER format crt for Android
openssl x509 -outform der -in root-ca.cert.pem -out debug_certificate.crt
the invalid, or atleast curious part is -extensions v3_ca -config openssl_config.txt - where from should I get this file? about extension, what is v3_ca? Openssl returns
Error Loading extension section v3_ca
140611899814336:error:0E06C069:configuration file routines:NCONF_get_section:no conf:../crypto/conf/conf_lib.c:245:
Azbesciak commented
Maybe it is also worth mentioning alternativeNames field? Lack of it caused connectivity issues for me
https://stackoverflow.com/questions/60217458/sslpeerunverifiedexception-when-using-a-self-signed-certificate-in-android