From 69978f9e1c20e51fe04a92fe6e7c27e07f7c7e8b Mon Sep 17 00:00:00 2001 From: mikee47 Date: Tue, 4 Jun 2024 08:53:53 +0100 Subject: [PATCH] Generated certificates fail, investigating. Certificates from SmtpClient work, but generated ones do not. --- Sming/Components/ssl/Tools/make_certs.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/Sming/Components/ssl/Tools/make_certs.sh b/Sming/Components/ssl/Tools/make_certs.sh index faeb37cdf5..aff22109db 100755 --- a/Sming/Components/ssl/Tools/make_certs.sh +++ b/Sming/Components/ssl/Tools/make_certs.sh @@ -33,6 +33,8 @@ # Generate the certificates and keys for testing. # +set -v + PROJECT_NAME="Sming Project" # Generate the openssl configuration files. @@ -144,7 +146,7 @@ date -s "$DATE_NOW" touch x509_bad_before.pem fi openssl x509 -req -in x509_512.req -out x509_bad_after.pem \ - -sha1 -CAcreateserial -days -365 \ + -sha1 -CAcreateserial -days 365 \ -CA ca_x509.pem -CAkey ca_key.pem # some cleanup @@ -168,9 +170,9 @@ openssl pkcs8 -in key_512.pem -nocrypt -topk8 -out unencrypted_pem.p8 openssl pkcs8 -in key_512.pem -nocrypt -topk8 -outform DER -out unencrypted.p8 # generate pkcs12 files (use RC4-128 for encryption) -openssl pkcs12 -export -in x509_1024.pem -inkey key_1024.pem -certfile ca_x509.pem -keypbe PBE-SHA1-RC4-128 -certpbe PBE-SHA1-RC4-128 -name "p12_with_CA" -out withCA.p12 -password pass:abcd -openssl pkcs12 -export -in x509_1024.pem -inkey key_1024.pem -keypbe PBE-SHA1-RC4-128 -certpbe PBE-SHA1-RC4-128 -name "p12_without_CA" -out withoutCA.p12 -password pass:abcd -openssl pkcs12 -export -in x509_1024.pem -inkey key_1024.pem -keypbe PBE-SHA1-RC4-128 -certpbe PBE-SHA1-RC4-128 -out noname.p12 -password pass:abcd +openssl pkcs12 -legacy -export -in x509_1024.pem -inkey key_1024.pem -certfile ca_x509.pem -keypbe PBE-SHA1-RC4-128 -certpbe PBE-SHA1-RC4-128 -name "p12_with_CA" -out withCA.p12 -password pass:abcd +openssl pkcs12 -legacy -export -in x509_1024.pem -inkey key_1024.pem -keypbe PBE-SHA1-RC4-128 -certpbe PBE-SHA1-RC4-128 -name "p12_without_CA" -out withoutCA.p12 -password pass:abcd +openssl pkcs12 -legacy -export -in x509_1024.pem -inkey key_1024.pem -keypbe PBE-SHA1-RC4-128 -certpbe PBE-SHA1-RC4-128 -out noname.p12 -password pass:abcd # PEM certificate chain cat ca_x509.pem >> x509_device.pem