kelseyhightower / kubernetes-the-hard-way

Bootstrap Kubernetes the hard way. No scripts.
Apache License 2.0

Creating Client and Server Certificates issue #814

Open ptkien90 opened 3 weeks ago

ptkien90 commented 3 weeks ago

Hi all, I am facing an issue when creating Client and Server Certificates on the jump box. When executing the command below, I receive the following message. I am using OpenSSL version 1.1.1f 31 Mar 2020. It only creates the .key file, without generating the .crt and .csr files. What should I do to address this issue? When I tried to remove -section ${i} and -copy_extensions copyall, it worked fine.

root@jumpbox:~/kubernetes-the-hard-way# for i in ${certs[*]}; do
  openssl genrsa -out "${i}.key" 4096

  openssl req -new -key "${i}.key" -sha256 \
    -config "ca.conf" -section ${i} \
    -out "${i}.csr"

  openssl x509 -req -days 3653 -in "${i}.csr" \
    -copy_extensions copyall \
    -sha256 -CA "ca.crt" \
    -CAkey "ca.key" \
    -CAcreateserial \
    -out "${i}.crt"
done

Generating RSA private key, 4096 bit long modulus (2 primes)
.++++
...............................................................................................................................................................................................................................................................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
...............................................................++++
...............................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
......................................................................................................................................................................................................................................++++
.........................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
............................................................................++++
....++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
..............................................................................................++++
....................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
......................................................++++
.....................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
......................................................................++++
..............................................................................................................................................................................................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.
Generating RSA private key, 4096 bit long modulus (2 primes)
..............................................++++
......................................................................++++
e is 65537 (0x010001)
req: Unrecognized flag section
req: Use -help for summary.
x509: Unrecognized flag copy_extensions
x509: Use -help for summary.

joey-grant commented 3 weeks ago

> I am using OpenSSL version 1.1.1f 31 Mar 2020

Hello there! It looks like you need to bump up to OpenSSL 3. Debian Bookworm, the OS listed as a requirement for this repo's labs, ships with OpenSSL 3.

Hope this helps!
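
A preflight guard for the loop in the question, added here as an example (not code from the lab or from either commenter): it refuses to start on anything older than OpenSSL 3 and lists the names left with a key but no CSR or certificate. The function names are hypothetical, and treating non-OpenSSL builds as unsupported is an assumption.

```shell
#!/bin/sh
# Added example, not part of the lab. All function names are hypothetical.

# Print the major version from an `openssl version` line. Fails for lines that
# do not start with "OpenSSL <digit>" (assumption: other builds such as
# LibreSSL are not trusted to accept the same flags).
openssl_major() {
  case "$1" in
    "OpenSSL "[0-9]*) ver=${1#OpenSSL }; printf '%s\n' "${ver%%.*}" ;;
    *) return 1 ;;
  esac
}

# Succeed only for OpenSSL 3 or newer, the version the reply recommends to get
# rid of "Unrecognized flag section" / "Unrecognized flag copy_extensions".
supports_lab_flags() {
  major=$(openssl_major "$1") || return 1
  [ "$major" -ge 3 ]
}

# Print each name in directory $1 that has a .key but an absent or empty .csr
# or .crt: the half-finished state described in the question.
incomplete_certs() {
  dir=$1; shift
  for name in "$@"; do
    [ -f "$dir/$name.key" ] || continue
    if [ ! -s "$dir/$name.csr" ] || [ ! -s "$dir/$name.crt" ]; then
      printf '%s\n' "$name"
    fi
  done
}

# Usage on the jump box (bash), before and after the certificate loop:
#   supports_lab_flags "$(openssl version)" || { echo "need OpenSSL 3" >&2; exit 1; }
#   incomplete_certs . "${certs[@]}"
```

Any name printed by `incomplete_certs` still needs its CSR and certificate issued with the original flags once OpenSSL 3 is installed.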