openssl_csr_sign(): X.509 Certificate Signing Request cannot be retrieved

[billfrench]

Hello, tried generating a keypair under the keychain menu. Got the error,

openssl_csr_sign(): X.509 Certificate Signing Request cannot be retrieved

1. in D:\WEBSITES\IntranetDEV\vendor\flipboxfactory\keychain\src\keypair\OpenSSL.phpat line 57

craft and plugins are up-to-date. Probably worth noting, i'm running craftcms on windows.

System report has a green check on the OpenSSL extension

Under phpinfo in craft:

openssl OpenSSL support enabled OpenSSL Library Version OpenSSL 3.0.8 7 Feb 2023 OpenSSL Header Version OpenSSL 3.0.8 7 Feb 2023 Openssl default config C:\Program Files\Common Files\SSL/openssl.cnf openssl.cafile no value openssl.capath no value

[dsmrt]

Thanks for the details. I’m investigating.

[dsmrt]

I'm still looking into this but you can bring your own key to get around this issue. There are details on this here: https://saml-sp.flipboxfactory.com/configure/keychain.html#option-2-create-a-key-pair-with-openssl

[billfrench]

Oh, ok! I will give that a try. Is there anything else I can provide that would be helpful?

[dsmrt]

Thanks @billfrench ... I'm finding much on this issue. I'm assuming it's specific to windows but I'm not sure if it's a specific configuration of openssl.

[dsmrt]

For reference, here is where the issue is happening: https://github.com/flipboxfactory/keychain/blob/7e15207776a896e90c90284f91a6c4697c5f4513/src/keypair/OpenSSL.php#L57

[dsmrt]

Closing for now. This seems like environment specific but please let me know if there are more details we can work off of here.