Hi Michael,
On 28/04/2020 15:21, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of
tincanteksup
Sent: Tuesday, April 28, 2020 07:02
[tct@arch-hyv-live-64 pki]$ openssl ca -verbose -config safessl-easyrsa.cnf
-keyfile private/ca.key -cert ca.crt -status $serial_number
[tct@arch-hyv-live-64 pki]$ echo $?
Note exit status
Yes, with a pure OpenSSL-based test CA I get an exit code of 1 for this command too.
Thank you very much for testing this and confirming my suspicions .. I
can now at least move forward with my project.
That was with OpenSSL 1.1.1 (which I apparently still have installed on this machine as my default dev openssl utility version, even though we're using 1.1.1g in the actual products). My guess is this hasn't changed with 1.1.1g, though, since I don't remember seeing anything in the change log about it.
I don't have time to debug it at the moment, though.
The openssl utility appears to exit with exit code 1 in a lot of situations. And it doesn't use the standard C exit code macros (EXIT_SUCCESS and EXIT_FAILURE). The exit codes for the utility seem to be a holdover from the days when OpenSSL was very idiosyncratic, instead of merely quite idiosyncratic as it is now.
--
Michael Wojcik
Distinguished Engineer, Micro Focus