Can't generate certificate with `pounce -g`

From: Jeremy O'Brien Wed, 14 Aug 2024 11:04:14 -0400

I updated pounce and libretls to latest master branches as of today, and now I can't seem to get pounce to generate an auth.pem:

jeremy@newcore:~$ pounce -g auth.pem
.+......+..+..........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.+...+.........+...........+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*........+.....+....+.................+...+.+Could not read private key from auth.pem
...jeremy@newcore:~$ ................................+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+.+.....+...............+............+.......+...........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+.+..............+......+.........+.............+...........+.+...+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----

Any ideas?

Thank you,
Jeremy

Re: Can't generate certificate with `pounce -g`

From: june Wed, 14 Aug 2024 12:00:47 -0400

To: Jeremy O'Brien

Cc: list+pounce

> On Aug 14, 2024, at 11:04, Jeremy O'Brien <neutral@fastmail.com> wrote:
> 
> I updated pounce and libretls to latest master branches as of today, and now I can't seem to get pounce to generate an auth.pem:

yeah, pounce -g has been broken for some time. trying to support
the ability to sign the new certificate with a CA doesn't get along
with newer versions of the openssl(1) utility. it should probably
just be removed.

in the mean time, if you have catgirl installed, its -g option still
works fine, or you can run the openssl command that it would use
manually:

$ openssl req -x509 -new -newkey rsa:4096 -sha256 -days 3650 -nodes -subj "/CN=xxxxxxx" -out cert.pem -keyout cert.pem

Re: Can't generate certificate with `pounce -g`

From: june Tue, 5 Nov 2024 20:11:05 -0500

To: Jeremy O'Brien

Cc: list+pounce

> On Aug 14, 2024, at 12:00, june <june@causal.agency> wrote:
> 
>> On Aug 14, 2024, at 11:04, Jeremy O'Brien <neutral@fastmail.com> wrote:
>> 
>> I updated pounce and libretls to latest master branches as of today, and now I can't seem to get pounce to generate an auth.pem:
> 
> yeah, pounce -g has been broken for some time. trying to support
> the ability to sign the new certificate with a CA doesn't get along
> with newer versions of the openssl(1) utility. it should probably
> just be removed.

done here: https://git.causal.agency/pounce/commit/?id=5a29b92e1a6b961bf0c78f578f21c06d5c612fab