Openssl Error Failed To Update Database
Contents |
History Basics Jumbo Reminders Actions Extract Article Ticket metadata The Basics Id: 502 Status: resolved Priority: 0/
Failed To Update Database Txt_db Error Number 2 Openvpn
Queue: OpenSSL-Bugs Custom Fields Milestone: 0.9.7e Subsystem: (no value) Severity: (no openssl revoke value) Broken in: (no value) People Owner: Nobody in particular Requestors: Maciej Bobrowski Cc: AdminCc: More about
Openssl Unique_subject
the requestors Maciej Bobrowski Comments about this user: No comment entered about this user Active Tickets Inactive Tickets All Tickets This user's 10 highest priority active tickets: openssl database Loading... Loading... Groups this user belongs to Unprivileged Everyone Reminders New reminder: Subject: Owner: Nobody in particular Andy Polyakov Ben Laurie Bodo Moeller Emilia Käsper Enoch Root Geoff Thorpe guest Jeffrey Walton Kurt Roeckx Lutz Jaenicke Matt Caswell Nils Larsch Rich Salz Richard Levitte Stephen Henson Test User Tim Hudson Viktor Dukhovni Due: Dates Created: Fri unique_subject = no openssl Feb 14 08:17:53 2003 Starts: Not set Started: Mon Jun 30 03:17:46 2014 Last Contact: Not set Due: Fri Feb 14 08:17:53 2003 Closed: Mon Jun 30 03:17:46 2014 Updated: Mon Jun 30 03:17:46 2014 by Rich Salz Links Graph Depends on : Depended on by : Parents : Children : Refers to : Referred to by : History Show all quoted text — Show full headers # FriFeb1408:17:532003 Maciej Bobrowski - Ticket created Date: Fri, 14 Feb 2003 08:26:54 +0100 (MET) From: Maciej Bobrowski
21:14 Tags: OpenVPN, Roadwarrior. While signing a certificate for a new OpenVPN user, I received the following error message which stops the whole process (exit code 1) Certificate is to be
Openssl Updatedb
certified until Nov 6 08:53:05 2023 GMT (3650 days) Sign the certificate? [y/n]:y failed txt_db error number 2 linux to update database TXT_DB error number 2 Problem: Because you have generated your own self signed certificate with the same CN
Easy-rsa Revoke Certificate
(Common Name) information that the CA certificate that you've generated before. Enter another Common Name. 6 Responses to "TXT_DB error number 2 failed to update database" Feed for this Entry Trackback Address Yonni June https://rt.openssl.org/Ticket/Display.html?id=502&user=guest&pass=guest 29, 2016 at 08:57 Thanks! Worked ieio May 27, 2016 at 11:38 In case you need to sign two certificate with the same CM you can modify your database attr with unique_subject = no Manoj March 28, 2016 at 14:33 Work for me!! vikas027 March 6, 2016 at 15:38 I just manually deleted the entry from the index.txt file and it worked for me. t123yh September 30, 2015 http://zeldor.biz/2013/11/txt_db-error-number-2-failed-to-update-database/ at 12:37 Great. sham March 9, 2014 at 17:05 Solved my issue. « Upgrading Fedora to Schrodinger’s Cat v.19 Remote Mirroring with nc and dd » Leave a Reply Cancel Reply Name (required) Mail (will not be published) (required) Website « Upgrading Fedora to Schrodinger’s Cat v.19 Remote Mirroring with nc and dd » Search Search for: Categories Apple Bash Books Cisco Debian DIY FTP Fun HTTP IPv6 Kernel Linux Mac OS X Macroeconomic Mailing Mobile Monitoring MySQL Networking Nmap OpenVPN Programming Python Ruby Tcpdump Ubuntu Virtualization Windows Archives July 2015 December 2014 July 2014 March 2014 January 2014 December 2013 November 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 May 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 Tagsapache2 Apple arduino backup bash Cisco dd Debian Debian squeeze DIY Exim4 Fedora FTP Fun GIT Icinga IMAP Ipv6 Juniper KVM Linux LVM MAC OS X Monito
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About http://stackoverflow.com/questions/9496698/how-to-revoke-an-openssl-certificate-when-you-dont-have-the-certificate Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up How to revoke an openssl certificate failed to when you don't have the certificate up vote 32 down vote favorite 10 I made an openssl certificate signed by the CA created on the local machine. This certificate was deleted and I don't have it anymore. It is impossible to create another certificate with the same commonName because openssl doesn't allow it and will generate the error: failed to update database TXT_DB error number 2 failed to update How can I revoke the certificate to create another one with the same commonName ? openssl certificate-revocation share|improve this question asked Feb 29 '12 at 9:40 leszek.hanusz 2,45311733 add a comment| 2 Answers 2 active oldest votes up vote 46 down vote accepted (Based on Nilesh's answer) In the default configuration, openssl will keep copies of all signed certificates in /etc/ssl/newcerts, named by its index number. So grep /etc/ssl/index.txt to obtain the serial number of the key to be revoked, e.g. 1013, then execute the following command: openssl ca -revoke /etc/ssl/newcerts/1013.pem #replacing the serial number The -keyfile and -cert mentioned in Nilesh's answer are only required if that deviates from your openssl.cnf settings. Alternatively you can also change /etc/ssl/index.txt.attr to contain the line unique_subject = no to allow multiple certificates with the same common name. If you have published the original certificate, revoking the old one is however the preferable solution, even if you don't run an OSCP server or provide CRLs. share|improve this answer edited Aug 10 '15 at 15:36 vincentleest 418317 answered Feb 25 '13 at 7:11 Tobias Kienzler 7,1041055112 2 Great answer! Thanks a lot! For easy-rsa users it is: /etc/openvpn/easy-rsa/revoke-full /etc/op