Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
|
05-01-2012, 04:15 AM
|
#1
|
|
Member
Registered: Apr 2012
Posts: 50
Rep: 
|
SSL errors, while trying to add a certificate
So, I am following this guide, but when I try to execute this command
Code:
http://dev.antoinesolutions.com/openssl/certificate-authority
, I am getting these errors in response
Code:
# openssl req -config openssl.cnf -new -x509 -extensions v3_ca -keyout private/ca.key -out certs/ca.crt -days 3650
error on line -1 of openssl.cnf
140076597720904:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('openssl.cnf','rb')
140076597720904:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
140076597720904:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:
|
|
|
|
|
05-01-2012, 04:23 AM
|
#2
|
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 42,823
|
error pretty clearly states that there is no openssl.cnf file.
|
|
|
|
|
05-01-2012, 04:25 AM
|
#3
|
|
Member
Registered: Apr 2012
Posts: 50
Original Poster
Rep:
|
I get it, but this error appears, when I am trying to create a certificate file.
|
|
|
|
|
05-01-2012, 04:37 AM
|
#4
|
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 42,823
|
right. but if the file doesn't exist, and you're telling it to use the file it's going to error, however much you don't want it to.
|
|
|
|
|
05-01-2012, 04:39 AM
|
#5
|
|
Member
Registered: Apr 2012
Posts: 50
Original Poster
Rep:
|
So, you're saying, that guide might be missing steps?
Do I have to create these files manually? Just empty files, right?
Where should these files be created?
Last edited by WoAnerges; 05-01-2012 at 04:42 AM.
|
|
|
|
|
05-01-2012, 04:42 AM
|
#6
|
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 42,823
|
it's not missing anything, it's just presuming you have a config file you wish to use, which seems reasonable to me. if you don't have one specifically updated, the default one will probably suit you fine, just answer more default questions. remove "-config openssl.cnf" and try again. the default is /etc/pki/tls/openssl.cnf usually
|
|
|
1 members found this post helpful.
|
|
05-01-2012, 04:45 AM
|
#7
|
|
Member
Registered: Apr 2012
Posts: 50
Original Poster
Rep:
|
acid_kewpie,
I did it, I have deleted the -config openssl.cnf from the command, but there is another error, that is popping up.
Quote:
# openssl req -new -x509 -extensions v3_ca -keyout private/ca.key -out certs/ca.crt -days 3650
Generating a 2048 bit RSA private key
....................+++
.............................................................+++
writing new private key to 'private/ca.key'
private/ca.key: No such file or directory
140268652070728:error:02001002:system library:fopen:No such file or directory:bss_file.c:355:fopen('private/ca.key','w')
140268652070728:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:357:
|
|
|
|
|
|
05-01-2012, 04:50 AM
|
#8
|
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 42,823
|
thought about using a better guide?
that says there is no "private" directory.
|
|
|
1 members found this post helpful.
|
|
05-01-2012, 04:52 AM
|
#9
|
|
Member
Registered: Apr 2012
Posts: 50
Original Poster
Rep:
|
I just checked, there is a dir "private" at /etc/pki/CA/private
Do you know any nice guide, that could help me out with installing SSL\SHTP?
Last edited by WoAnerges; 05-01-2012 at 04:53 AM.
|
|
|
|
|
05-01-2012, 05:05 AM
|
#10
|
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 42,823
|
yes, that's where the directory should be, and you should already be in that directory... are you? and you're doing all this as root, right?
|
|
|
1 members found this post helpful.
|
|
05-01-2012, 05:07 AM
|
#11
|
|
Member
Registered: Apr 2012
Posts: 50
Original Poster
Rep:
|
acid_kewpie,
yes, I am doing it inside the private dir.
Quote:
[root@mycomputer private]# openssl req -new -x509 -extensions v3_ca -keyout private/ca.key -out certs/ca.crt -days 3650
Generating a 2048 bit RSA private key
.........................+++
......+++
writing new private key to 'private/ca.key'
private/ca.key: No such file or directory
140315191191368:error:02001002:system library:fopen:No such file or directory:bss_file.c:355:fopen('private/ca.key','w')
140315191191368:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:357:
|
Quote:
[root@mycomputer private]# service httpd start
Starting httpd: Syntax error on line 25 of /etc/httpd/conf.d/mycomputer.com.conf:
SSLCertificateFile: file '/etc/pki/CA/certs/mycomputer.com.crt' does not exist or is empty
[FAILED]
|
Last edited by WoAnerges; 05-01-2012 at 05:09 AM.
|
|
|
|
|
05-01-2012, 05:09 AM
|
#12
|
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 42,823
|
no, not there, as per the doc you linked, /etc/pki/CA
|
|
|
1 members found this post helpful.
|
|
05-01-2012, 05:11 AM
|
#13
|
|
Member
Registered: Apr 2012
Posts: 50
Original Poster
Rep:
|
ok, so I did cd .. and it look like, it worked, because it asks me for a passphrase.
Last edited by WoAnerges; 05-01-2012 at 05:17 AM.
|
|
|
|
|
05-01-2012, 05:17 AM
|
#14
|
|
Member
Registered: Apr 2012
Posts: 50
Original Poster
Rep:
|
But, when I try to start httpd service, I still get this error
Quote:
# service httpd start
Starting httpd: Syntax error on line 25 of /etc/httpd/conf.d/mycomputer.com.conf:
SSLCertificateFile: file '/etc/pki/CA/certs/mycomputer.com.crt' does not exist or is empty
|
|
|
|
|
|
05-01-2012, 05:20 AM
|
#15
|
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 42,823
|
OK, you really need to start actually READING the errors, not just posting them... does it exist? is it empty?
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 08:01 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
