Error Opening Ca Private Key ./democa/private/cakey.pem
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up Openssl command line troubles up vote 5 down vote favorite 3 Edit: Haven't solved my problems, but I've moved on to new and more exciting problems. Leaving this here in case anyone has and insightful that'll help someone who stumbles on to this question in the future. Hi, I'm attempting to send an encrypted email from php to outlook. As such, I need to generate a certificate to import into outlook. I had no problem generating a set of keys using openssl and the CA.pl script that comes with it, but when I try to run the command to generate the PKCS12 file to import into outlook it complains about a missing "demoCA" directory. It appears this directory is a part of openssl, and is referenced in the openssl config... but i have no idea where it is. I've searched the drive in many ways from grep to spotlight (on os x, though i really wasn't expecting spotlight to find anything), and can't come up with anything. The command I was trying to run is: $ openssl ca -cert newcert.pem -ss_cert newcert.pem Using configuration from /sw/etc/ssl/openssl.cnf ./demoCA/private/cakey.pem: No such file or directory trying to load CA private key 19918:error:02001002:system library:fopen:No such file or directory:bss_file.c:245:fopen('./demoCA/private/cakey.pem','r') 19918:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:247: I am a bit of a noob when it comes to encryption / SSL, so I might be missing something stupid (I'm sure if it, haha). encryption outlook openssl share|improve this question edited Jan 13 '09 at 21:28 community wiki 2 revsElectronic Zebra add a comment| 1 Answer 1 active oldest votes up v
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up openSSL sign https_client certificate with CA up vote http://stackoverflow.com/questions/440762/openssl-command-line-troubles 1 down vote favorite I need to: create a CA certificate create a https_client-certificate sign the https_client-certificate by the CA by using the command-line on Linux - openSUSE. I create the CA certificate: # openssl genrsa -out rootCA.key 2048 Generating RSA private key, 2048 bit long modulus ..........................................................+++ ....................+++ e is 65537 (0x10001) # openssl req -x509 -new -nodes -key rootCA.key -days 3650 -out rootCA.pem You are http://stackoverflow.com/questions/32072668/openssl-sign-https-client-certificate-with-ca about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:AA State or Province Name (full name) [Some-State]:A Locality Name (eg, city) []:A Organization Name (eg, company) [Internet Widgits Pty Ltd]:A Organizational Unit Name (eg, section) []:A Common Name (e.g. server FQDN or YOUR name) []:A Email Address []:A # Works fine. Then I create the https_client-certificate: # openssl genrsa -out client1.key 2048 Generating RSA private key, 2048 bit long modulus ............................+++ .............................................+++ e is 65537 (0x10001) # # openssl req -x509 -new -nodes -key client1.key -days 3650 -out client1.pem You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will
shootout for new Electronic Health Record vendor. New Server Build Build new physical server with primary role to host virtual servers with Hyper-V Strategic Mapping https://community.spiceworks.com/topic/291572-please-help-get-ssl-cert-to-work-on-centos-6-3-linux-apache-site?page=2 for SAKDC Ever year our doctors get together for a strategic planning retreat. Added to my list of quasi-IT tasks is a mapping project for each meeting. TECHNOLOGY IN THIS DISCUSSION IIS Join the Community! Creating your account only takes a few minutes. Join Now ◄ Prev 1 2 Next ► 31 Replies Serrano OP AK-47 Jan 16, 2013 at 5:09 UTC CloudMan, I have error opening followed these instructions http://www.cyberciti.biz/faq/rhel-apache-httpd-mod-ssl-tutorial and have run into a wall.
When I run the following command I get an error below: Generate a Certificate Signing Request (CSR) Type the following command: [root@crm certs]# openssl ca -in apachekey.csr -out apachecert.pem Using configuration from /etc/pki/tls/openssl.cnf Error opening CA private key /etc/pki/CA/private/cakey.pem 140369441593160:error:02001002:system library:fopen:No such file or directory:bss_file.c:355:fopen('/etc/pki/CA/private/cakey.pem','r') 140369441593160:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:357: unable to load CA private key 0 error opening ca Cayenne OP CloudMan Jan 16, 2013 at 6:23 UTC Yes, you have issue with CA certificates .. if you scroll down to comments on that page there are 2 solutions to this problem .. also you can check this link: http://chrisjean.com/2009/01/14/adding-ssl-support-to-apache-on-centos 0 Serrano OP AK-47 Jan 16, 2013 at 8:07 UTC Got it! First of all - BIG THANK YOU FOR ALL WHO TOOK THE TIME TO HELP!! Donges - the guide you provided worked with a couple of additional lines of code to configure the firewall. I was able to piece together the right guide after going through at least 5 different ones. Here is the complete solution (also attached in the form of a Word document: How to Create a SSL Certificate on Apache for CentOS 6 About Self-Signed Certificates ________________________________________ A SSL certificate is a way to encrypt a site's information and create a more secure connection. Additionally, the certificate can show the virtual private server's identification information to site visitors. Certificate Authorities can issue SSL certificates that verify the virtual server's details while a self-signed certificate has no 3rd party corroboration. Step One—Install Mod SSL ________________________________________ In order to set up the self signed certificate,