When attempting to generate a csr via openssl on Windows, I get and error stating "unable to find 'distinguished_name' in config". I have done this previously without issue, but can't seem to figure out why it isn't doing the the thing now.
My config file (request.txt):
[req]
default_bits = 2048
prompt = no
default_md = sha384
req_extensions = req_ext
distinguished_name = req_distinguished_name
[req_distinguished_name]
countryName = US
stateOrProvinceName = Nevada
organizationName = OrgName
organizationalUnitName = DepName
commonName = <snip-fqdn>
emailAddress = <snip-email>
[req_ext]
subjectAltName = @alt_names
[alt_names]
DNS.1 = <snip-fqdn1>
DNS.2 = <snip-fqdn2>
IP.1 = <snip-ip>
The command I am using to generate the csr (OpenSSL is a PowerShell alias to openssl.exe):
OpenSSL req -newkey rsa:2048 -keyout key.pem -nodes -out request.csr -config request.txt
This results in an error stating the distinguished_name cannot be found in the config:
req: Error on line 1 of config file "H:\path\to\request.txt"
Generating a RSA private key
................+++++
..........+++++
writing new private key to 'H:\path\to\key.pem'
-----
unable to find 'distinguished_name' in config
problems making Certificate Request
3252:error:0E06D06A:configuration file routines:NCONF_get_string:no conf or environment variable:crypto\conf\conf_lib.c:270:
The distinguished_name is defined in the config, so I am unsure what openssl is on about here. I am truly at a loss with this one. Any ideas?
It looks like this is your real error:
req: Error on line 1 of config file "H:\path\to\request.txt"
This might be caused because of a weird character or space in the first line of the requests.txt file.