openssl on Windows does not recoginize my -extfile

1
votes

When using OpenSSL 1.0.2l, I have the following command line:

openssl ca -out certs\cert.pem -days 1825 -config openssl.cnf -infiles requests\req.pem -extfile "v3.ext"

I have the v3.ext file in the current directory:

>dir v3.ext
 Volume in drive C is OS
 Volume Serial Number is 1E1A-0C21

 Directory of C:\Users\[me]\.openssl

06/12/2017  10:58 AM               205 v3.ext
               1 File(s)            205 bytes
               0 Dir(s)  116,381,810,688 bytes free

When I run it, I get this error message:

-extfile: No such file or directory 8932:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:406:fopen('-extfile','rb') 8932:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:408:

This is a Windows 10 box. Is anything wrong with my Extfile option?

Thanks

1
windowsopensslssl-certificate
Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Unix & Linux Stack Exchange would be a better place to ask. If you feel its on-topic elsewhere, then ask for a migration - jww
The reference you provided for this site includes the following as appropriate: "software tools commonly used by programmers;". This would certainly include openssl. You will also note various tags on this site for SSL, openssl, etc. The openssl tag here already includes 8829 questions as of today. I believe this is appropriate here. - Rodrigo M

1 Answers

3
votes

The "-extfile" option should be earlier in the list of options. From the ca man page (https://www.openssl.org/docs/man1.0.2/apps/ca.html):

-infiles
if present this should be the last option, all subsequent arguments are 
assumed to the the names of files containing certificate requests.

So your "-extfile" argument is being taken as a request file.