Post Reply 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Possible bug when using self signed certificate
2020-07-03, 16:32
Post: #1
Possible bug when using self signed certificate

openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr # enter IP as common name
openssl x509 -req -days 1024 -in server.csr -signkey server.key -out server.crt
cat server.crt server.key > server.pem

iPXE built with server.crt, server run with server.pem.

Not Working:

openssl genrsa -des3 -out ca-key.pem 2048
openssl req -new -key ca-key.pem -x509 -out ca-cert.pem
openssl genrsa -des3 -out server-key.pem 204
openssl req -new -key server-key.pem -x509 -out server.csr # enter IP as  common name
openssl x509 -x509toreq -in server.csr -signkey server-key.pem -out server.req
openssl x509 -req -in server.req -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem
cat server-key.pem server-cert.pem > server.pem

iPXE built with ca-cert.pem, server uses server.pem.

iPXE fails with

The server does not register an HTTP request being made. The packet dump shows iPXE sends ACK followed by FIN ACK after Server Hello Done.

curl --cacert ca-cert.pem
works, so the problem appears to lie in iPXE.
Find all posts by this user
Quote this message in a reply
Post Reply 

User(s) browsing this thread: 1 Guest(s)