0

I try to create a Certificate Signing Request (CSR) using

openssl req -new -sha256 -key domain.key -subj "/" \ -reqexts SAN -config <(cat /System/Library/OpenSSL/openssl.cnf \ <(printf "[SAN]\nsubjectAltName=DNS:foo.com,DNS:www.foo.com"))

but getting the following error message

cat: /dev/fd/63: No such file or directory
unknown option -reqexts

Any ideas?

Zombo
  • 1
  • 1
  • 16
  • 20
dknaack
  • 249
  • 1
  • 3
  • 10
  • Macbooks are not servers within the meaning of Server Fault. – user9517 Dec 10 '15 at 07:51
  • 1
    i get the same error on my ubuntu server on azure – dknaack Dec 10 '15 at 08:42
  • I'm sure it does, especially as this pathname `/System/Library/OpenSSL/openssl.cnf` doesn't exist on Ubuntu ;) – user9517 Dec 10 '15 at 10:50
  • This question should be re-opened. It's perfectly applicable to "information technology systems in a business environment". @Thetimehascome If you read the question, you'd see that the path to `openssl.cnf` isn't the hangup here. – Brad May 03 '17 at 21:35

1 Answers1

4

Notice the difference between /dev/fd/63 and /dev/fd/63. The extra space matters. /dev/fd/63 is an absolute path which would work. Whereas /dev/fd/63 is a relative path. Probably your current directory does not contain a subdirectory named .

The space is in the name because that is what you asked for. The part of the command to pay attention to is this: \ <(.

The sequence \ is an escaped space and <( is used to run a subshell with output to a pipe.

So what happens is this.

  1. The subshell is started with stdout pointing to a pipe.
  2. The name of the reading end of that pipe happens to be /dev/fd/63
  3. The shell prepends a space to that name as you asked for.
  4. The shell calls cat with the file name /dev/fd/63, which does not exist.
  5. cat reports an error.

Removing \ from the command will surely make that error message go away.

Zombo
  • 1
  • 1
  • 16
  • 20
kasperd
  • 30,455
  • 17
  • 76
  • 124