Public bug reported: This is my first bug report with Ubuntu, so apologies if I'm going about this the wrong way.
I'm running Ubuntu 14.04 LTS (Release 14.04), and am trying to create a server certificate using easy-rsa version 2.2.2-1. The commands I used to create the certificate were: sudo apt-get install easy-rsa cp -r /usr/share/easy-rsa ~ cd ~/easy-rsa vim ./vars (edit KEY_* defaults) source ./vars ./clean-all ./build-dh ./pkitool --initca ./pkitool --server <my-common-name> On the last command, I receive the following error: Using Common Name: <my-common-name> Error Loading extension section server 140532105823904:error:2207507C:X509 V3 routines:v2i_GENERAL_NAME_ex:missing value:v3_alt.c:537: 140532105823904:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in extension:v3_conf.c:93:name=subjectAltName, value=<my-common-name> In ./vars I only adjusted the default values for KEY_COUNTRY, KEY_PROVINCE, KEY_CITY, KEY_ORG, KEY_EMAIL, KEY_OU to suit my situation, and at the end of the file uncommented the KEY_CN name and set to the value of <my-common-name>. Upon checking the openssl-1.0.0.cnf file on line 220, the subjectAltName variable in the [server] section seems to be set from the KEY_ALTNAMES environmental variable. However, exporting this variable to either a blank or non-blank value before running ./pkitool seems to make no difference. I did notice that by commenting out line 220, the ./pkitool then creates a server certificate without issue. While it's easy enough to simply comment this line before running ./pkitool, but the end goal here is to automate the certificate creation using puppet, so it would be great to have the default openssl-1.0.0.cnf configuration work from environmental variables out of the box. Of course if I'm missing something, please let me know! ** Affects: easy-rsa (Ubuntu) Importance: Undecided Status: New ** Tags: easy-rsa pkitool subjectaltname -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1346776 Title: Server certificate creation crashes without subjectAltName To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/easy-rsa/+bug/1346776/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs