Skip to content

Added instructions for generating ssl files on macOS #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jan 11, 2021
Merged

Added instructions for generating ssl files on macOS #54

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,13 @@ $ ./vendor/bin/http_test_server > /dev/null 2>&1 &
Then generate ssh certificates:

```bash
$ cd ./tests/server/ssl
$ cd ./tests/server/ssl
$ ./generate.sh
$ cd ../../../
$ cd ../../../
```

Note: If you are running this on macOS and get the following error: "Error opening CA Private Key privkey.pem", check [this](ssl-macOS.md) file.

Now run the test suite:

``` bash
Expand Down
58 changes: 58 additions & 0 deletions ssl-macOS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
# Generating SSL Certificates on macOS

When generating SSL Certificates on macOS, you must ensure that you're using brew's openssl binary and not the one provided by the OS.

To do that, find out where your openssl is installed by running:

```bash
$ brew info openssl
```

You should see something like this:

```
[email protected]: stable 1.1.1i (bottled) [keg-only]
Cryptography and SSL/TLS Toolkit
https://openssl.org/
/usr/local/Cellar/[email protected]/1.1.1i (8,067 files, 18.5MB)
Poured from bottle on 2020-12-11 at 11:31:46
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/[email protected]
License: OpenSSL
==> Caveats
A CA file has been bootstrapped using certificates from the system
keychain. To add additional certificates, place .pem files in
/usr/local/etc/[email protected]/certs

and run
/usr/local/opt/[email protected]/bin/c_rehash

[email protected] is keg-only, which means it was not symlinked into /usr/local,
because macOS provides LibreSSL.

If you need to have [email protected] first in your PATH run:
echo 'export PATH="/usr/local/opt/[email protected]/bin:$PATH"' >> /Users/flavio/.bash_profile

For compilers to find [email protected] you may need to set:
export LDFLAGS="-L/usr/local/opt/[email protected]/lib"
export CPPFLAGS="-I/usr/local/opt/[email protected]/include"

For pkg-config to find [email protected] you may need to set:
export PKG_CONFIG_PATH="/usr/local/opt/[email protected]/lib/pkgconfig"

==> Analytics
install: 855,315 (30 days), 2,356,331 (90 days), 7,826,269 (365 days)
install-on-request: 139,236 (30 days), 373,801 (90 days), 1,120,685 (365 days)
build-error: 0 (30 days)
```

The important part is this:

> echo 'export PATH="/usr/local/opt/[email protected]/bin:$PATH"' >> /Users/flavio/.bash_profile

Instead of running `./tests/server/ssl/generate.sh`, you should instead run:

```bash
$ PATH="/usr/local/opt/[email protected]/bin ./tests/server/ssl/generate.sh
```

You should now be good to go.