Run through CA setup, and ended up corrupting my terminal due to binary output using the current bionic-updates 1.1.1-1ubuntu2.1~18.04.1
Upgraded to: # dpkg-query -W openssl libssl1.1 libssl1.1:amd64 1.1.1-1ubuntu2.1~18.04.2 openssl 1.1.1-1ubuntu2.1~18.04.2 Rerun the procedure and ended up with text output: ... GByCiz1ccn33zfoZa4Wc9e8F/Cm0sihZoGfW3ZKaHT9hoE/bfB4o/4JnIJCCzjrD 0I0+Aaqph4FbJf8qlzeViPcb6P0MRdNr+6eLedKcDLTJHFWAGIn0ahKa -----END CERTIFICATE----- Data Base Updated All is good. ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1828215 Title: openssl ca -spkac output regressed Status in OpenSSL: Fix Released Status in openssl package in Ubuntu: Fix Committed Status in openssl source package in Bionic: Fix Committed Status in openssl source package in Cosmic: Confirmed Status in openssl source package in Disco: Confirmed Status in openssl source package in Eoan: Fix Committed Bug description: [Impact] * openssl command line utility option parsing has regressed in 1.1.0i+ and produces binary output, where text output is expected, breaking applications that parse that. [Test Case] Setup CA: $ apt install openssl $ mkdir -p demoCA/private demoCA/newcerts $ touch demoCA/index.txt $ echo 01 > demoCA/serial $ openssl req -new -x509 -days 365 -newkey rsa:4096 -keyout demoCA/private/cakey.pem -out demoCA/cacert.pem # Use password test # Accept defaults for all other settings $ openssl req -new -days 365 -newkey rsa:4096 -keyout demoCA/sslkey.pem -out demoCA/sslcert.pem Generate regular request / key: # Use password test # Set common name to: example.com # Accept defaults for all other settings Generate spkac request: $ openssl spkac -key demoCA/sslkey.pem -out demoCA/sslcert.spkac $ cat <<EOF >>demoCA/sslcert.spkac countryName=AU stateOrProvinceName=Some-State organizationName=Internet Widgits Pty Ltd commonName=example.com EOF Sign spkac request: $ echo test | openssl ca -passin stdin -batch -spkac demoCA/sslcert.spkac -startdate 190121130654Z Expected: pure text output Unexpected: binary output for the signed cert Currently produces binary goop. Should produce PEM format Base64 encoded certificate data in a block surrounded with BEGIN/END certificate. [Regression Potential] * This is a regression in cosmic and up, and impeding regression in bionic with the upcoming 1.1.1 SRU. A bugfix exists upstream. [Other Info] * Originally reported https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386/comments/39 To manage notifications about this bug go to: https://bugs.launchpad.net/openssl/+bug/1828215/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
