Community Articles

Find and share helpful community-sourced technical articles.
Labels (1)

Affected versions:

1.2.x, 1.3.0


2-way ssl setup fails with an error as given below. This error message is available in hst-server.log or hst-gateway.log

INFO 2016-08-25 06:16:00,690 - Agent key not exists, generating request
INFO 2016-08-25 06:16:00,691 - openssl req -new -newkey rsa:1024 -nodes -keyout "/var/lib/smartsense/hst-agent/keys/" -subj / -out "/var/lib/smartsense/hst-agent/keys/" was finished with exit code: 1 - an error occurred parsing the command options.
INFO 2016-08-25 06:16:00,711 - Agent certificate not exists, sending sign request 


openssl does not support SubjectName longer than 64 chars. SubjAltName should be used for longer host names.

#openssl req -new -newkey rsa:1024 -nodes -keyout "./" -subj / -out "./"
Generating a 1024
bit RSA private key ............++++++
....++++++ writing new
private key to './' ----- 

problems making Certificate Request

140615247652520:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:maxsize=64


This fix to use SubjAltName for longer names is available in 1.3.1. Upgrade from 1.2.x or 1.3.0 to 1.3.1 or above.

0 Kudos
Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.
Version history
Last update:
‎05-15-2017 10:21 PM
Updated by:
Top Kudoed Authors