Syntax error: "(" unexpected error while creating an openssl certificate using a bash command

Question

Using the instructions over here to define the SAN field inside the a openssl certificate, I am using the following commands to generate my own self-signed certificate:

openssl genrsa -out domain.org.key
openssl req -newkey rsa:2048 -nodes -keyout domain.org.key -subj "/C=CN/ST=GD/L=SZ/O=Acme, Inc./CN=*.domain.org" -out domain.org.csr
openssl x509 -req -extfile <(printf "subjectAltName=DNS:domain.org,DNS:www.domain.org") -days 365 -in domain.org.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out domain.org.crt

However, I am getting the following error:

Syntax error: "(" unexpected

I don't see anything specifically wrong with the bash syntax used, could anyone help?

Answer 1

That error-message doesn't look like Bash to me; rather, Bash error-messages look like this:

bash: syntax error near unexpected token `('

I recommend double-checking that you're running these commands in Bash, and not a different shell. (Process substitution isn't specified by POSIX, so not all shells support it.)

If it turns out that Bash is not available, you can use a temporary file:

printf "subjectAltName=DNS:domain.org,DNS:www.domain.org" > tmp-ext-file
openssl x509 -req -extfile tmp-ext-file -days 365 -in domain.org.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out domain.org.crt

or standard input:

printf "subjectAltName=DNS:domain.org,DNS:www.domain.org" \
| openssl x509 -req -extfile /dev/stdin -days 365 -in domain.org.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out domain.org.crt