generating server.pem for boringssl bssl tool

[james.j...@gmail.com]

hi..

I would like to know how to create a server.pem file for the boringssl bssl tool.

thanks!

[Adam Langley]

On Thu, Oct 22, 2015 at 9:19 AM, <james.j...@gmail.com> wrote:
> I would like to know how to create a server.pem file for the boringssl bssl tool.

The bssl tool doesn't do X.509 creation yet because I've not had the
need. If you search for "self-signed certificate" online you'll be
able to find many pages talking about how to do it with the openssl
tool.


Cheers

AGL

[james.j...@gmail.com]

Thanks, but i've tried using:

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem

to generate a self-signed certificate then tried:

./eg server -key key.pem -accept 8080

but it gives an error:

"Failed to load cert chain: key.pem"

I also tried the .pem files supplied with the tests, but no luck.

[Eric Roman]

Looks like it expects the certificate and key to be in the same file.

Have you tried concatenating cert.pem and key.pem together to make a server.pem?

[james.j...@gmail.com]

Thanks, Eric - that did it. This works for me:

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem

cat cert.pem key.pem > server.pem
./bssl server -key server.pem -accept 8080
./bssl client -connect 127.0.0.1:8080