Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 10-22-2004, 10:16 AM   #1
Registered: Sep 2003
Location: Michigan
Distribution: Gentoo, Knoppix
Posts: 69

Rep: Reputation: 15
SSL Cert Generation Problem

I'm having problems creating SSL Certs for Postfix and Apache.

I'm following these instructions from

# cd /etc/ssl/
# nano -w openssl.cnf

// Change the following default values for your domain:

// If the variables are not already present, just add them in a sensible place.

# cd misc
# nano -w
// We need to add -nodes to the # create a certificate and
// #create a certificate request code in order to let our new ssl
// certs be loaded without a password. Otherwise when you
// reboot your ssl certs will not be available.

# create a certificate
system ("$REQ -new -nodes -x509 -keyout newreq.pem -out newreq.pem $DAYS");

# create a certificate request
system ("$REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS");
# ./ -newca
# ./ -newreq
# ./ -sign
# cp newcert.pem /etc/postfix
# cp newreq.pem /etc/postfix
# cp demoCA/cacert.pem /etc/postfix
// Now we do the same thing for apache

# openssl req -new > new.cert.csr
# openssl rsa -in privkey.pem -out new.cert.key
# openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365
// Just leave the resulting certificates here for now.
// We'll install them after Apache is installed.
Every thing seems to work until I get too ./ -sign

when I run it I get

Using configuration from /etc/ssl/openssl.cnf
unable to load CA private key
10072:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=CA_default name=unique_subject
10072:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:637:Expecting: ANY PRIVATE KEY
Signed certificate is in newcert.pem
I'm not sure why I'm having this problem. I've redone all the steps fromt he documentation multiple times trying to figure it out ... Any help is appreciated.

Old 07-06-2009, 02:59 PM   #2
LQ Newbie
Registered: Oct 2005
Location: Thurrock, Essex, England
Distribution: Gentoo
Posts: 12

Rep: Reputation: 0
Same issue...


Did you manage to sort out your issue? If so can you let me know how please, I have the same problem.



Last edited by Jason_Bassett; 08-19-2010 at 08:00 AM.
Old 07-06-2009, 03:12 PM   #3
Registered: Sep 2003
Location: Michigan
Distribution: Gentoo, Knoppix
Posts: 69

Original Poster
Rep: Reputation: 15
Originally Posted by Jason_Bassett View Post

Did you manage to sort out your issue?
I believe so, but it was so long ago, I don't remember. Sorry I didn't update the thread at the time.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftp SSL cert errors dharm Linux - Security 3 05-22-2006 08:25 PM
installing ssl cert kwickcut Mandriva 4 09-25-2005 01:27 PM
SSL sign cert error Giallo998 Linux - Networking 1 04-25-2005 09:06 AM
Qmail ssl cert eltonmou Linux - Software 0 08-18-2004 06:48 AM
Webmin SSL Cert hakcenter Linux - Security 4 10-22-2003 04:21 PM

All times are GMT -5. The time now is 04:51 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration