0

I am having with an App that is not serving the intermediate certificate to the clients.

As a workaround I wanted to add the intermediate certificate (Let's Encrypt X3) to the ca-certificates and followed the steps described over here: How do I install a root certificate?

Unfortunately, I am getting this error:

syntax error at /usr/local/bin/c_rehash line 15, near “= ;”

syntax error at /usr/local/bin/c_rehash line 16, near “= ;”

Execution of /usr/local/bin/c_rehash aborted due to compilation errors.

What am I doing wrong?

Community
  • 1
neik
  • 11

2 Answers2

0

To install a Let's Encrypt certificate, use certbot utility. It is well documented.

You simple have to do:

sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-apache 
sudo certbot
estibordo
  • 1,419
0

You are not doing anything wrong. The c_rehash perl script which is being executed was not built correctly during the openssl installation.

If you open c_rehash, you can see the lines with the errors. The built script does not have any values set, the "= ;" code. This causes the error.

man c_rehash to see what it does. In short, it hashes the .crt/.pem files in the default directory and generates symlinks which point to the .crt/.pem files. Why? Some programs use these hashes rather than the actual name.

You can find the default directory that openssl has configured (installation directory) using the 'openssl version -a' command and look at the OPENSSLDIR. Use this value in the c_rehash perl script (make sure to surround with double quotes) for both $dir and $prefix.

I don't know why the build script did not work correctly during the installation; probably a bug fixed in a later release. I was on 1.0.2o.

user840699
  • 1