[Libwebsockets] cmake: Failed to generate SSL certificate for Test Server using cmd.exe

biolaser at frii.com biolaser at frii.com
Fri Feb 12 15:44:38 CET 2021


Hi Andy,

The cert is now successfully generated! Many thanks!!!

As a side point (I hope not serious):

When building libwebsockets I get the following error, which I resolved by
changing the two projects' settings to not treat warnings as errors:

  openssl-server.c
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(434,9):
error C2220: the following warning is treated as an error
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets.vcxproj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(434,9):
warning C4996: 'EC_KEY_new_by_curve_name': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets.vcxpr
oj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(440,2):
warning C4996: 'EC_KEY_free': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets.vcxproj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(482,11):
warning C4996: 'EVP_PKEY_get1_EC_KEY': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets.vcxproj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(490,2):
warning C4996: 'EC_KEY_free': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets.vcxproj]


... and a bit later in the build ...

  openssl-server.c
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(434,9):
error C2220: the following warning is treated as an error
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets_shared.v
cxproj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(434,9):
warning C4996: 'EC_KEY_new_by_curve_name': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets_share
d.vcxproj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(440,2):
warning C4996: 'EC_KEY_free': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets_shared.vcxproj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(482,11):
warning C4996: 'EVP_PKEY_get1_EC_KEY': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets_shared.v
cxproj]
C:\usr\libwebsockets\libwebsockets\lib\tls\openssl\openssl-server.c(490,2):
warning C4996: 'EC_KEY_free': Since OpenSSL 3.0
[C:\usr\libwebsockets\libwebsockets\build\lib\websockets_shared.vcxproj]


So if I set the Visual Studio /WX option (treat warnings as errors) to
"No" for these two projects, the build seems to work fine. Is this an
acceptable solution, or should the source code be fixed to resolve the
warning?

William Stroupe





On Fri, 12 Feb 2021 06:54:42 +0000, Andy Green <andy at warmcat.com> wrote:
> On 2/12/21 2:21 AM, biolaser at frii.com wrote:
>> Additional info:
>> 
>> In the same shell the cmake executed in, I ran the following commands
>> manually to see if further diagnostic errors would appear - here is the
>> output generated:
>> 
>> C:\usr\libwebsockets\libwebsockets\build>set
>>
OPENSSL_INPUT_WIN_PATH=C:\usr\libwebsockets\libwebsockets\build\openssl_input.txt
>> 
>>
C:\usr\libwebsockets\libwebsockets\build>"C:/Strawberry/c/bin/openssl.exe"
>> req -new -newkey rsa:2048 -days 10000 -nodes -x509 -keyout
>>
"C:/usr/libwebsockets/libwebsockets/build/libwebsockets-test-server.key.pem"
>> -out
>>
"C:/usr/libwebsockets/libwebsockets/build/libwebsockets-test-server.pem"
>> Can't open C:/Strawberry/c/ssl/openssl.cnf for reading, No such file or
>> directory
>> 15316:error:02001003:system library:fopen:No such
>>
process:crypto/bio/bss_file.c:69:fopen('C:/Strawberry/c/ssl/openssl.cnf','r')
>> 15316:error:2006D080:BIO routines:BIO_new_file:no such
>> file:crypto/bio/bss_file.c:76:
>> Generating a RSA private key
>> ..............................................+++++
>> ...+++++
>> writing new private key to
>>
'C:/usr/libwebsockets/libwebsockets/build/libwebsockets-test-server.key.pem'
>> -----
>> unable to find 'distinguished_name' in config
>> problems making Certificate Request
>> 15316:error:0E06D06A:configuration file routines:NCONF_get_string:no
conf
>> or environment variable:crypto/conf/conf_lib.c:270:
>> 
>> 
>> There is no "ssl" subdirectory in C:/Strawberry/c/
>> 
>> I don't think I missed a documented step which would account for this.
>> 
>> What needs to be done to properly complete the Strawberry integration
>> with
>> SSL?
> 
> No, the perl pieces are only needed to build OpenSSL, afterwards they 
> don't have any role.  It's getting picked up only because Strawberry 
> comes bundled with it, and it's earlier, or the only one, on your PATH.
> 
> After you install git and other things there are multiple copies of a 
> few libs and apps wandering around in your filesystem.  In my VM used 
> for CI it's an openssl.exe that comes with mingw that gets picked up
first.
> 
> He has an openssl.cnf that works for certificate creation in 
> /mingw64/ssl/openssl.cnf, which I attach, you should be able to create 
> C:/Strawberry/c/ssl and see what happens if you drop it in there.
> 
> -Andy


More information about the Libwebsockets mailing list