From nobody Fri Aug 30 01:06:36 2024 X-Original-To: freebsd-arm@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ww0NQ6qMNz5Mm92 for ; Fri, 30 Aug 2024 01:06:46 +0000 (UTC) (envelope-from saper@saper.info) Received: from q.saper.info (q.saper.info [IPv6:2605:2700:0:2:a800:ff:fec7:5c61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "q.saper.info", Issuer "E5" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ww0NQ44S1z4n5c; Fri, 30 Aug 2024 01:06:46 +0000 (UTC) (envelope-from saper@saper.info) Authentication-Results: mx1.freebsd.org; none Received: from q.saper.info (localhost [127.0.0.1]) by q.saper.info (8.18.1/8.18.1) with ESMTPS id 47U16bRB002952 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Fri, 30 Aug 2024 01:06:37 GMT (envelope-from saper@saper.info) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=saper.info; s=Sep2014; t=1724979997; bh=O1+/vUzv9DZ7OvmokMxvnYW7vw9hyeEOSAfE489T7A4=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=qhjtZKs6zReY+zHZU6if70RUvZHX9pxYkB6qIWSHlP1k5j03WkvlB+bo9h5PZvVk+ PTm4nF8ULRYwRlhsNf1jmIUHFO+MDFx4MvO06LweKx+e+5mVYXBB4xovSFFohvyQJR qdWsTj3kdIlB1bs+tYAj5yDfn9z2/mkGQjXUJ2q8= Received: from localhost (saper@localhost) by q.saper.info (8.18.1/8.18.1/Submit) with ESMTP id 47U16bBi002946; Fri, 30 Aug 2024 01:06:37 GMT (envelope-from saper@saper.info) X-Authentication-Warning: q.saper.info: saper owned process doing -bs Date: Fri, 30 Aug 2024 01:06:36 +0000 From: Marcin Cieslak To: bob prohaska cc: Ronald Klop , freebsd-arm@freebsd.org Subject: Re: OT, self-signed ssl certificate generation In-Reply-To: Message-ID: References: List-Id: Porting FreeBSD to ARM processors List-Archive: https://lists.freebsd.org/archives/freebsd-arm List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-arm@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="2201072851-248282397-1724979997=:967" X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:47066, ipnet:2605:2700::/32, country:US] X-Rspamd-Queue-Id: 4Ww0NQ44S1z4n5c --2201072851-248282397-1724979997=:967 Content-Type: text/plain; charset=US-ASCII; format=flowed On Thu, 29 Aug 2024, bob prohaska wrote: > Probably I should just accept the necessity of a passphrase and > resume trying to get apache working with https; getting chromium > to accept a self-signed certificate is proving difficult. For a fully automated generation you can try something like this: openssl req -new -x509 -days 365 \ -sha3-512 -newkey rsa:4096 \ -keyout host.key -out host.crt -nodes \ -subj '/CN=example.org' -addext "subjectAltName = DNS:example.org" Marcin --2201072851-248282397-1724979997=:967 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: BASE64 Content-Description: S/MIME Cryptographic Signature Content-Disposition: attachment; filename=smime.p7s MIIOdgYJKoZIhvcNAQcCoIIOZzCCDmMCAQExDzANBglghkgBZQMEAgEFADAL BgkqhkiG9w0BBwGgggq9MIIEvDCCA6SgAwIBAgIQeEqpEhjRpCYIUTzTZlVD ozANBgkqhkiG9w0BAQsFADBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3Qg Q0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFs U2lnbjAeFw0yMDA5MTYwMDAwMDBaFw0yOTAzMTgwMDAwMDBaMFsxCzAJBgNV BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTEwLwYDVQQDEyhH bG9iYWxTaWduIEdDQyBSMyBQZXJzb25hbFNpZ24gMSBDQSAyMDIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxvJBqEapaux2/z3J7fFslRO WjKVJ5rCMfWGsg17dmD7NSnG7Spoa8d3htXsls1IMxoO8PyouQajNQqYmlYo xinlqenMNv7CJyEKMOAtglBmD6C/QC7kT+dSx4HfSTs8xmv8veJOldMzF8S/ BEn/tD4w/Dvpg+oXOqDyOiHPTacRFK0QHoq5eEbBmVS8W0rwcaRotO9fGTA+ NjF0My7GLRNK0eMPGh2hcPZURQhXy7wRQ8XFIfEA6kaQHHN22ncnVtwqiTmA wTR+4GNNVinG3KjNZLAVSnGrdCvT2I4Zo19hKy5PX6o7wrVXvMR4zV5VBFwV 6ZDM+xewao7Mup+SbwIDAQABo4IBiTCCAYUwDgYDVR0PAQH/BAQDAgGGMB0G A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/ AgEAMB0GA1UdDgQWBBSFu/DMxDa1CmJ2o5kuj7s6aq3FUTAfBgNVHSMEGDAW gBSP8Et/qC5FJK5NUPpjmove4t0bvDB6BggrBgEFBQcBAQRuMGwwLQYIKwYB BQUHMAGGIWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzA7Bggr BgEFBQcwAoYvaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQv cm9vdC1yMy5jcnQwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i YWxzaWduLmNvbS9yb290LXIzLmNybDBMBgNVHSAERTBDMEEGCSsGAQQBoDIB KDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9y ZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAWWtqju12g524FdD2HwUX U1rSxeM5aSU1cUC1V/xBjXW0IjA7/3/vG2cietPPP/g3lpoQePVJpQAKZml8 1fHwPPivFK9Ja41jJkgqGzkORSC0xYkh2gGeQg1JVaCzcrRzJElRjT442m6F pbLHCebxIHLu0WBNjLZreB6MYMaqdPL6ItbXtD/BU4k517cEuUbczoBFZAra jq7oUBWXuroln5AMnRwVNwgJN4Np0s4kkJ94KepzbFOLzcbnfUB0+xT4foXm bM0GmmcPGOy0qvqEHJsBwDZXDxIk8oqCnnLngi7N94Sn4eTcmpZ9NH2dDN1O TEPVXgRG5X1pBcNtMWG6MDCCBfkwggThoAMCAQICDCKqoJRMYYx5sYJHGzAN BgkqhkiG9w0BAQsFADBbMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFs U2lnbiBudi1zYTExMC8GA1UEAxMoR2xvYmFsU2lnbiBHQ0MgUjMgUGVyc29u YWxTaWduIDEgQ0EgMjAyMDAeFw0yMzAzMDcxNjExMDlaFw0yNjAzMDcxNjEx MDlaMDwxGTAXBgNVBAMMEHNhcGVyQHNhcGVyLmluZm8xHzAdBgkqhkiG9w0B CQEWEHNhcGVyQHNhcGVyLmluZm8wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw ggIKAoICAQC8MB3fTYVrTadH5qE2CIa4VLvlL6QHgDriMRLkTA49SPszYCO0 fZTEpdSw8fc6kK9p2fD63LAfOHeD7jzey5aHBzpIGlxeFkn0Ce2BCYY5yLxK i9byoCwrpLchTR1Itpk1w+zy5E4T9KBTL1+c+w+TKpaIvFLXtjZtz4wQGi0p e/nRkRK9htGG3mETh+APitedl+ImGaI8NK9PELxuSkXnYAvGPpnXir8vbszk tJU1b0TevL/i3Sy6fhOhunZmTo1QDM7Zw4UyVjkQgTvL3y4I0tIrVjlam08x XZeMp+i/Gl51eHGvRVfvdJUJAjrWhrFEp8+2FZouWxWzAlHdd2sRp1AekNdP CeRgHeIF6uNtSseL1grKAjU+4BiixWPp1y1niB0humoQHoub/6fO/mU+//rW l3gTwZNu4FuKgZlfPw+qnvuka0c9dUNIZRCE5z8yXjS8R9yZWirnHNhYxf/e R2y4jaiHzPAjZlZZ2rGx8xVfB2n2JsAicj2+ZxmXlQ1yd5RW1pfxG3cdNNC5 uZ+j4JIN2ElsIjEKmMn9gHdoaEMAy/ENwNiMDBadLnc8qWirq/Ktp2dBSf2y /sH9xMpVyk8wuYjpbCnX4xslAensno5A20MYdKGPRFaItEhNPNbfzc1+4br8 exoXFX1F9ZJK9gGUO2nLbdRycphdyzxzgQIDAQABo4IB2jCCAdYwDgYDVR0P AQH/BAQDAgWgMIGjBggrBgEFBQcBAQSBljCBkzBOBggrBgEFBQcwAoZCaHR0 cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3NnY2NyM3BlcnNv bmFsc2lnbjFjYTIwMjAuY3J0MEEGCCsGAQUFBzABhjVodHRwOi8vb2NzcC5n bG9iYWxzaWduLmNvbS9nc2djY3IzcGVyc29uYWxzaWduMWNhMjAyMDBMBgNV HSAERTBDMEEGCSsGAQQBoDIBKDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3 dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJBgNVHRMEAjAAMEkGA1Ud HwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3NnY2Ny M3BlcnNvbmFsc2lnbjFjYTIwMjAuY3JsMBsGA1UdEQQUMBKBEHNhcGVyQHNh cGVyLmluZm8wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB8GA1Ud IwQYMBaAFIW78MzENrUKYnajmS6PuzpqrcVRMB0GA1UdDgQWBBTW/RrdlRFR y6MgS7liTThMnQA5ozANBgkqhkiG9w0BAQsFAAOCAQEAAwoUJShHMueocVlD 1+vYJbTTTbk9tabr2L4Iyyy4Btu1d1wwl6d9Yx2N9qaVERWcEeP0aR+NB2B7 xIKl/ZnZVuSxep0Raw4s284a/jSIJlsAi4SJItDCU2VrYJDWxP7MxzZHnzPI MLDoTHXPV18gvYTewoNk5/Yo89Kb0v/GpPTpP2sVdrWLHa4uKUHYrAZ0aByp kNw6lXp6o6DXvXaOd6KDTQN5XhmmHwLnuLceODF1t9gicsZIOY+KAxN6YZ6t EqwN48b4OFMpckDE3fm1iTZRqnEIqUHOKOcoCImkub1woEN0zXDQmLXaZigl uVztWSTM4/fapWLrlHBNxfjs1TGCA30wggN5AgEBMGswWzELMAkGA1UEBhMC QkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExMTAvBgNVBAMTKEdsb2Jh bFNpZ24gR0NDIFIzIFBlcnNvbmFsU2lnbiAxIENBIDIwMjACDCKqoJRMYYx5 sYJHGzANBglghkgBZQMEAgEFAKCB5DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN AQcBMBwGCSqGSIb3DQEJBTEPFw0yNDA4MzAwMTA2MzZaMC8GCSqGSIb3DQEJ BDEiBCA8dGrcrU2fLKLprojoswVmCCUCNma1z63DkMhB46IgzTB5BgkqhkiG 9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUD BAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIB QDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0BAQEFAASCAgAj gMse3hhJmnLDoJxij3//NbocQ+XbH6r1HMuvMU5LJSQ3zanSaQcTwIeFUVcm 7Lo56tI19fpYLVIaMTFyW1QmVXgOCtSwRakFr2H6ulEndPVcH0jOEq+0O+cf GLo4M9BffoflN3rWjtFAQJdZGv7weC/XLdxUW3JR0T31Z3sJdiUO+Iyri85I 5BrRO/eS8g686ft05N3SfPVkp2V0FbDm9zDhmUzBkThEnOjUBk+U/yuCh6e6 4cRuGXExH9/rCt/sU5uURFUApz4wLgaVu0oJMJl06n5JqQGKl+F9KPqcPEZb EFfb6iAH8IfEyDGSEBi3MiBWT5qZU97Xdi3xHqL8jCuKYMVpxm7aJdtdXFKN 2/PV3JmebS607BrHbWW9YAA+21t8cdLS9hilTG96h7PqT/Jh9F8hbkcmG5Sl lwmB0n4JxS8ZGYp9p3I5pu1RVDFaZYBQdx9rpcEVK8rJZJa/0nbcNkQqMfCF Q4KF9KnQorbpp10sqcVAE/L+Nk2YuHY+BqTdPijJkKBaob/Rr3hW0R5SJ6TS Nxxb+ZRtFCp/TrMapIWnUmjMoZh4CBJejBWF2hchNva9yGH2ioRt/IBCIUrS 0XtHREnBPfRigReNAoFQpTdsPPUNJsNSkzwfRlghOxhvogz53fxAed/7sU5L prtt82RCB1SmE2WysTx0TQ== --2201072851-248282397-1724979997=:967--