| View previous topic :: View next topic |
| Author |
Message |
Bigun
Advocate
Joined: 21 Sep 2003
Posts: 2196
|
 Posted: Fri Jul 04, 2008 11:22 am Post subject: Unable to create new certificate |
 |
|
I followed this how to and I keep running into trouble during the SSL cert creation.
Here is the code in the section that I am having trouble with:
| Code: | # cd /etc/ssl/
# nano -w openssl.cnf
Change the following default values for your domain:
countryName_default
stateOrProvinceName_default
localityName_default
0.organizationName_default
commonName_default
emailAddress_default.
(If the variables are not already present, just add them in a sensible place.)
# cd misc
# ./CA.pl -newreq-nodes
# ./CA.pl -newca
# ./CA.pl -sign
# cp newcert.pem /etc/postfix
# cp newkey.pem /etc/postfix
# cp demoCA/cacert.pem /etc/postfix
(Now we do the same thing for apache.)
# openssl req -new > new.cert.csr
# openssl rsa -in privkey.pem -out new.cert.key
# openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365
(Just leave the resulting certificates here for now.
We'll install them after Apache is installed.)
|
and when I get to this part:
| Code: | pwnedclips misc # ./CA.pl -sign
Using configuration from /etc/ssl/openssl.cnf
unable to load CA private key
16249:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: ANY PRIVATE KEY
Signed certificate is in newcert.pem
|
And then there is no newcert.pem anywhere.
I've googled for a good while and cannot find anything. Has anyone else seen this?
_________________
"It's ok, they might have guns but we have flowers." - Perpetual Victim |
|
| Back to top |
|
 |
smerf
l33t
Joined: 06 Nov 2004
Posts: 778
Location: Polska
|
|
| Back to top |
|
|
Bigun
Advocate
Joined: 21 Sep 2003
Posts: 2196
|
| Posted: Sat Jul 05, 2008 11:53 am Post subject: |
|
|
Same result
_________________
"It's ok, they might have guns but we have flowers." - Perpetual Victim |
|
| Back to top |
|
|
|
Networking & Security
