0

As per this Medium post, I'm trying to setup a local Next.js development server with HTTPS.

But when I run this command in Windows 10 Powershell:

openssl req -x509 -out localhost.crt -keyout localhost.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=localhost' -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

I get this error The '<' operator is reserved for future use.:

At line:1 char:142
+ ... des -sha256 \ -subj '/CN=localhost' -extensions EXT -config <( \ prin ...
+                                                                 ~
The '<' operator is reserved for future use.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : RedirectionNotSupported

I've tried a few things but I'm unable to get this command working.

phuclv
  • 37,963
  • 15
  • 156
  • 475
Chris
  • 500
  • 6
  • 25
  • Why not just delete the `<`? – Abraham Zinala Apr 15 '21 at 04:27
  • Your trouble comes from redirecting input in Powershell, I can answer here but you've got other posts with [Redirecting standard input\output in Windows PowerShell ](https://stackoverflow.com/a/11788475/608772) or [Can I send some text to the STDIN of an active process under Windows?](https://stackoverflow.com/a/16100200/608772) – JPBlanc Apr 15 '21 at 04:38
  • @JPBlanc I've read both threads and I'm still not sure I understand. Something like.... ```Get-Content code.ext | openssl ...?``? What goes in code.ext? – Chris Apr 15 '21 at 05:13
  • Well, I managed to bypass this problem by splitting the command in two as per this stackoverflow thread: https://gist.github.com/cecilemuller/9492b848eb8fe46d462abeb26656c4f8 – Chris Apr 15 '21 at 05:31
  • @Chris, it can be useful for other people to post your solution as an answer. – JPBlanc Apr 15 '21 at 06:07
  • @JPBlanc Literally the first two lines of code in my link: ```openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 -keyout RootCA.key -out RootCA.pem -subj "/C=US/CN=Example-Root-CA"``` and ```openssl x509 -outform pem -in RootCA.pem -out RootCA.crt``` I guess that's equivalent enough to the command in my original post for my purposes. Doesn't really answer how to bypass the "<" operator though – Chris Apr 15 '21 at 06:36
  • the command is for bash, **not** PowerShell. In PowerShell [backslash is not the escape operator](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_special_characters?view=powershell-7.1) like that but the backtick, and there's no [process substitution like `<()`](https://www.gnu.org/software/bash/manual/html_node/Process-Substitution.html) in PowerShell – phuclv Apr 15 '21 at 10:58
  • @AbrahamZinala that command is for bash and in bash `<`, `()` and `<()` are completely different, you can't just remove that – phuclv Apr 15 '21 at 11:43

1 Answers1

0

The command is for bash so obviously it can't run in PowerShell. There are many changes necessary

So the result would be something like this

"[dn]`nCN=localhost`n[req]`ndistinguished_name = dn`n[EXT]`nsubjectAltName=DNS:localhost`nkeyUsage=digitalSignature`nextendedKeyUsage=serverAuth" > tmp.conf
openssl req -x509 -out localhost.crt -keyout localhost.key `
  -newkey rsa:2048 -nodes -sha256 `
  -subj '/CN=localhost' -extensions EXT -config tmp.conf
Remove-Item tmp.conf

But no need to have such a long line. It should be better more readable in multiple lines

@'
[dn]
CN=localhost
[req]
distinguished_name = dn
[EXT]
subjectAltName=DNS:localhost
keyUsage=digitalSignature
extendedKeyUsage=serverAuth
'@ > tmp.conf
openssl req -x509 -out localhost.crt -keyout localhost.key `
  -newkey rsa:2048 -nodes -sha256 `
  -subj '/CN=localhost' -extensions EXT -config tmp.conf
Remove-Item tmp.conf
phuclv
  • 37,963
  • 15
  • 156
  • 475