Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mac OS support #7

Closed
2 tasks done
antonkomarev opened this issue Oct 22, 2019 · 4 comments
Closed
2 tasks done

Mac OS support #7

antonkomarev opened this issue Oct 22, 2019 · 4 comments
Assignees
@orangecoloured
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@antonkomarev
Copy link
Member

antonkomarev commented Oct 22, 2019
edited

@orangecoloured could you test pric on mac os, please?

TODO

  1. Implement trusting of CA Trust Certificate Authority in MacOS #15
  2. Fix OpenSSL config loading Fix Mac OS OpenSSL include DNS config file #12
@antonkomarev antonkomarev added the help wanted Extra attention is needed label Oct 22, 2019
@orangecoloured
Copy link
Collaborator 

# Creating output directory
+ mkdir -p ./output

# Copying OpenSSL DNS config list from defaults
+ cp ./openssl.dns.default.cnf ./openssl.dns.cnf

# Creating !pric directory in Operating System CA registry
+ sudo mkdir -p '/usr/local/share/ca-certificates/!pric'

# Generating Certificate Authority private key
+ openssl genrsa -out ./output/ca.key 2048
Generating RSA private key, 2048 bit long modulus
...........+++
.........+++
e is 65537 (0x10001)

# Copying Certificate Authority private key to Operating System CA registry
+ sudo cp ./output/ca.key '/usr/local/share/ca-certificates/!pric/ca.key'

# Generating Certificate Authority self-signed certificate
+ openssl req -x509 -new -nodes -key ./output/ca.key -sha256 -days 36500 -subj '/O=\!pric/CN=localhost' -out ./output/ca.crt

# Copying Certificate Authority certificate to Operating System CA registry
+ sudo cp ./output/ca.crt '/usr/local/share/ca-certificates/!pric/ca.crt'

# Updating Operating System CA registry
+ sudo update-ca-certificates
sudo: update-ca-certificates: command not found

# Generating localhost private key
+ openssl genrsa -out ./output/localhost.key 2048
Generating RSA private key, 2048 bit long modulus
.......................................+++
........+++
e is 65537 (0x10001)

# Generating localhost certificate signing request
+ openssl req -new -key ./output/localhost.key -config ./openssl.cnf -subj '/O=\!pric/CN=localhost' -out ./output/localhost.csr
error on line 368 of ./openssl.cnf
4409359852:error:0EFFF065:configuration file routines:CRYPTO_internal:missing equal sign:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-47.11.1/libressl-2.8/crypto/conf/conf_def.c:344:line 368

# Generating localhost certificate signed by Certificate Authority
+ openssl x509 -req -extensions v3_req -extfile ./openssl.cnf -in ./output/localhost.csr -CA '/usr/local/share/ca-certificates/!pric/ca.crt' -CAkey ./output/ca.key -CAcreateserial -CAserial ./output/ca.srl -days 36500 -sha256 -out ./output/localhost.crt
error on line 368 of config file './openssl.cnf'

# Compiling PEM certificate chain
+ cat ./output/localhost.crt '/usr/local/share/ca-certificates/!pric/ca.crt' ./output/localhost.key
cat: ./output/localhost.crt: No such file or directory

@antonkomarev
Copy link
Member Author

antonkomarev commented Oct 22, 2019
edited

Thanks for the debug output!

List of tasks updated in first comment.

@antonkomarev antonkomarev changed the title Test it on Mac OS Test pric on Mac OS Oct 22, 2019
@antonkomarev antonkomarev mentioned this issue Oct 22, 2019
Closed
@antonkomarev antonkomarev changed the title Test pric on Mac OS Mac OS support Oct 22, 2019
@antonkomarev antonkomarev added the enhancement New feature or request label Oct 22, 2019
@antonkomarev
Copy link
Member Author

We could check if certificate was added using this command:

security dump-trust-settings -d | grep Cert | grep localhost

@antonkomarev
Copy link
Member Author

MacOS support was added. Merged in master branch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@orangecoloured orangecoloured

Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@antonkomarev @orangecoloured