30

I'm trying to create an SSL cert for the first time. I have no idea how this works and am simply following some instructions provided to me.

first command works fine:

openssl genrsa -des3 -out privkey.key 2048

then the second command is giving me the errors:

openssl req –new –nodes -key privkey.key –out server.csr

it says "unknown option -new" and then lists all of the options, one of which is of course "-new"

Google the error message only gives me one useful forum post which says I need to use the -config option to point to my openssl.cnf file. SO I searched for the only instance of openssl.cnf is in my XAMPP installation.

this gave me additional "unknown option" errors, depnding on where in the command I put the -config option.

openssl req -config /Applications/XAMPP/xamppfiles/share/openssl/openssl.cnf 
-key privkey.key –out server.csr -new -nodes

this gives me "unknown option -out" which is ridiculous.

Can someone help me with the order of commands, or let me know if there are known bugs with the XAMPP openssl command?

I'm running OSX Lion and XAMPP 1.7.3

PetroleumJelliffe
  • 413
  • 1
  • 4
  • 5

1 Answers1

70

Ok, this is kind of weird, but you're not going insane.

Copying and pasting your example fails for me in the same way that it does for you. But typing it manually works fine.

It looks like wherever you copied those lines from has swapped the regular dash symbol with another, similar looking glyph. In fact, if you look very closely you can tell that the dash used with -key looks slightly different than the ones for -new, -nodes and -out (with the font I'm using the correct one is slightly shorter).

Delete all of your dashes and re-type them on the command line.

bahamat
  • 6,263
  • 24
  • 28
  • 2
    Nice catch! Let's hear it for the good old days of ASCII, when one dash was enough for us all . – MadHatter Aug 14 '11 at 05:29
  • Jeez, I thought those dashes looked slightly longer but not long enough to be em dashes. Never would have gotten this. Wow. I blame Entourage. – PetroleumJelliffe Aug 15 '11 at 01:52
  • thanks bahamat, you saved me so much time with that answer, love your work :) – Armin Nehzat Jul 05 '13 at 06:55
  • The hyphen (ASCII character) gets converted to a dash (UNICODE character) if auto-correct is turned on. They both look very similar, but they are different. – JustBeingHelpful Dec 19 '16 at 22:57
  • @PetroleumJelliffe then there is an `en-dash` smaller than an `em-dash` and slightly longer than a `dash`. ASCII... :cry: – Fr0zenFyr Feb 21 '17 at 08:20
  • I had this issue following the instructions on AWS https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/http-502-bad-gateway.html and the dash isn't a valid '-' character – RobbiewOnline Dec 28 '20 at 14:21
  • It's a bit of a disgrace that these websites (some of them big) are still putting out instructions with incorrect characters in them.. and this is still happening in 2022! – Rob Mascaro Jan 14 '22 at 05:09