4

I'm trying to generate SSL on Get Https For Free

And I'm following stepts on git bash(git version 2.9.3.windows.2, mingw64) but stucked on a step 2, Certificate Signing Request.

I typed command following 

openssl req -new -sha256 -key domain.key -subj "/" -reqexts SAN -config <(cat /d/Git/usr/ssl/openssl.cnf  <(printf "[SAN]\nsubjectAltName=DNS:dev.xn--p89al22awxc7t2ajoa.com,DNS:dev.stocktalk.kr"))

However, an error is annoying me.

This is error. What is the problem and how can I generate successfully?

error on line -1 of /proc/3028/fd/63
7656:error:02001003:system library:fopen:No such process:bss_file.c:175:fopen('/proc/3028/fd/63','rb')
7656:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:178:
7656:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:195:
jww
  • 97,681
  • 90
  • 411
  • 885
Minkyu Kim
  • 1,144
  • 3
  • 18
  • 43
  • 2
    Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306) – jww Aug 26 '16 at 08:36
  • Also see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639) Both us an OpenSSL FILE, so you won't need the extra redirections. – jww Aug 26 '16 at 08:38
  • @jww Oh, I've got it. thanks you for your recommend. – Minkyu Kim Aug 26 '16 at 08:59

1 Answers1

5

If the fancy stdin redirection for openssh config does not work, try as a workaround to:

  • copy /d/Git/usr/ssl/openssl.cnf somewhere else
  • edit it (or apply your sed's) on that new file

  • use the file directly in your openssh command:

     openssl req -new -sha256 -key domain.key -subj "/" -reqexts SAN -config new_edited_file

Regarding the error Error Loading request exception section SAN, the OP Minkyu Kim reports in the comments following "Multi-Domain SSL Setup with “Subject Alternative Names”", adding:

subjectAltName = @alt_names

[ alt_names ]
DNS.1 = www.example.com
DNS.2 = example.com
Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Thank you so much! I tried it, but and error `Error Loading request extion section SAN` occured. but I find a page what helps me. https://easyengine.io/wordpress-nginx/tutorials/ssl/multidomain-ssl-subject-alternative-names/ I followed steps, I succeeded. – Minkyu Kim Aug 26 '16 at 08:01
  • 1
    @MinkyuKim Great! I have included your comment in the answer for more visibility. – VonC Aug 26 '16 at 08:04