codelab-android-network-security-config icon indicating copy to clipboard operation
codelab-android-network-security-config copied to clipboard

Published 20 hours ago verified publisher icon android

Invalid openssl command

Open Azbesciak opened this issue 3 years ago • 1 comments

Hello, please see the command to generate ssl certificate you suggest to execute

# Run these commands from inside the server/ directory!

# Create a certificate authority
openssl genrsa -out root-ca.privkey.pem 2048
# Sign the certificate authority
openssl req -x509 -new -nodes -days 100 -key root-ca.privkey.pem -out root-ca.cert.pem -subj "/C=US/O=Debug certificate/CN=localhost" -extensions v3_ca -config openssl_config.txt
# create DER format crt for Android
openssl x509 -outform der -in root-ca.cert.pem -out debug_certificate.crt

the invalid, or atleast curious part is -extensions v3_ca -config openssl_config.txt - where from should I get this file? about extension, what is v3_ca? Openssl returns

Error Loading extension section v3_ca
140611899814336:error:0E06C069:configuration file routines:NCONF_get_section:no conf:../crypto/conf/conf_lib.c:245:

Azbesciak avatar Jul 03 '21 07:07 Azbesciak

Maybe it is also worth mentioning alternativeNames field? Lack of it caused connectivity issues for me https://stackoverflow.com/questions/60217458/sslpeerunverifiedexception-when-using-a-self-signed-certificate-in-android

Azbesciak avatar Jul 05 '21 04:07 Azbesciak