Open Eschon opened 3 years ago
I have similar issue, it seems to have generated csca.key
fine but stuck and unable to generate dsc-worker.pem
@Eschon I have found the issue. I finally successfully generated the keys 🔑 . The culprit is LibreSSL on mac. I would suggest to try this out. here's what I did:
Run
openssl version
I got LibreSSL
as response. This is the reason, cause the script is using OpenSSL.
We have to check if OpenSSL is installed on our Mac
Run
brew list openssl
If it is already installed, you will see list of OpenSSL paths available
If there is NO OpenSSL on your machine, you need to install it:
Run brew install openssl
If you already have OpenSSL on your machine, try to update it:
Run brew upgrade openssl
Once that's done, we need to point our path to ensure the script run using OpenSSL on our machine
Run brew info openssl
You will find the line
If you need to have openssl@1.1 first in your PATH, run: <script>
Run the script that provided.
Lastly restart your terminal for it to re-read new .bash_profile
Try to run ./gen-csca-dsc.sh
once again.
Hope this give you some success.
@iamariffikri Thanks! I was already suspecting that LibreSSL might be the problem, but as I said I'm not really experienced with openssl and didn't have time yet to look into it more. With the proper openssl version i was also able to generate the certificate.
If you don't want to change your system defaults it also works by replacing the line
OPENSSL=${OPENSSL:=openssl}
with (use the path of your brew openssl installation)
OPENSSL=${OPENSSL:=/usr/local/opt/openssl@1.1/bin/openssl}
Maybe it would be good to add a hint to this to the documentation.
Know tha the construct
OPENSSL=${OPENSSL:-openssl}
Allows for you to set
export OPENSSL=/opt ….. / openssl
To your local copy & put this in your shell profile. So that you override the makefile ? Would that work for you ?
Dw
Ah, yes thanks. That works as well
I wanted to try out this implementation but I can't generate the certificates. When I run
./gen-csca-dsc.sh
it just hangs. I tried to leave it for an hour to see if it is just really slow but nothing happened. Thecsca.key
gets created but then the second openssl command seems to hang.I've also tried running the command on its own with the same result.
I'm running Mac OS 11.4 with openssl LibreSSL 2.8.3
I don't have much experience with openssl so any help figuring out the problem would be appreciated.