When setting up a production server for testing, there is an error when running the keygen script:
{{$ CERT_CN=$API_GATEWAY_DOMAIN_NAME CERT_SAN="DNS:${API_GATEWAY_DOMAIN_NAME},DNS:*.${STORAGE_PROXY_DOMAIN_NAME}" ../keygen}} {{ req: Unknown digest addext}} {{ req: Use -help for summary.}}
Looking at this link: https://docs.joshuatz.com/cheatsheets/security/self-signed-ssl-certs/ it hints that openssl >= 1.1.1 is needed otherwise addext failures may occur. While they can be worked around, unless you specifically want to maintain compatibility with older distributions it might be easier to just do a check for 1.1.1
Thanks for the report! Indeed I think the "addext" usage was added after the original version check of 1.0.0 and may be that it should have been bumped.
When setting up a production server for testing, there is an error when running the keygen script:
{{$ CERT_CN=$API_GATEWAY_DOMAIN_NAME CERT_SAN="DNS:${API_GATEWAY_DOMAIN_NAME},DNS:*.${STORAGE_PROXY_DOMAIN_NAME}" ../keygen}}{{ req: Unknown digest addext}}
{{ req: Use -help for summary.}}
Looking at this link: https://docs.joshuatz.com/cheatsheets/security/self-signed-ssl-certs/ it hints that openssl >= 1.1.1 is needed otherwise addext failures may occur. While they can be worked around, unless you specifically want to maintain compatibility with older distributions it might be easier to just do a check for 1.1.1