Creating certificates with a password that has spaces in it
Jasvinder S. Bahra
bbdl21548 at blueyonder.co.uk
Tue Dec 9 21:38:36 CET 2014
Hi,
I am setting up FreeRadius on a FreeBSD system in an EAP-TLS configuration.
As part of that process, I need to create a number of certificates.
To do so, I am following the instructions detailed in the README file (in
the /usr/local/etc/raddb/certs folder).
The passwords i've set in the three CNF files are made up of multiple words.
However, when I try and execute the "make server.pem" command, I get an
error. As a test, I set the input and output passwords both to "One Two
Three 4" in the ca.cnf file, and executed the "make ca.pem" and "make
ca.der" steps successfully. When I tried to execute "make server.pem"
however...
=====8<=====
[root at server certs]# make server.pem
/usr/local/bin/openssl req -new -out server.csr -keyout server.key -config
./se
rver.cnf
Generating a 2048 bit RSA private key
................................+++
.............................................................+++
writing new private key to 'server.key'
-----
/usr/local/bin/openssl ca -batch -keyfile ca.key -cert ca.pem -in
erver.csr -k
ey `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out
server.crt -extens
ions xpserver_ext -extfile xpextensions -config ./server.cnf
unknown option Two
usage: ca args
=====8<=====
The "unknown options Two" line suggests that only the first word of the
password is used and that openssl thinks the rest of the password are other
parameters.
I've tried enclosing the passwords (in the CNF files) in both single quotes
and double quotes, but have had no success.
Is it possible to create certificates with passwords that have spaces in
them, using these make commands?
Regards,
Jazz
More information about the Freeradius-Users
mailing list