Menu
I am generating a self-signed SSL certificate with OpenSSL (not makecert), for use in IIS.
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj '//CN=myhost'
(The double slash is correct. The command above does not work without that.)
openssl pkcs12 -export -out key.pfx -inkey key.pem -in cert.pem -name 'myhost'
The first command runs completes successfully. However the second get stuck with
Loading 'screen' into random state -
I am using OpenSSL (1.0.2d) that comes with Git for Windows (2.6.3). Anyone experiences the same issue?
Clarification: Question How to fix "unable to write 'random state' " in openssl describes different -- problem with writing the the .rnd file. Here the problem seems to be generating the random state. (And only in the second command.)
237
Please try to add winpty before oppenssl:
winpty openssl ...
or you can run a new bash wrapped by winpty:
winpty bash
In the windows console, there is some problem with terminal input/output so winpty can help if some software requires unix terminal behavior.
winpty helped me to run openssl in this environment:
git version 2.7.3.windows.1
OpenSSL 1.0.2g 1 Mar 2016
I found that I needed to specify the PFX password on the command line using -passout pass:SomePassword - e.g.:
openssl pkcs12 -export -out foo_example_com.pfx -inkey foo_example_com.key -in foo_example_com.crt -passout pass:Pa55w0rd
Recently I hit the same when running openssl in an azure ubuntu VM over ssh from a windows 10 laptop. I tried openssl for windows also from windows command prompt and powershell. The root cause behind this seems to be terminal compatibility of openssl when using from windows command prompt.
I found that wsl (windows-subsystem-linux) based shell seem to be good and command goes through proper prompt instead of seem-to-be-hung. Steps here will be
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
