[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Problem with OpenSSL and x509 Certificates

To: tech@openbsd.org
Subject: Problem with OpenSSL and x509 Certificates
From: eric@catastrophe.net
Date: Sun, 3 Nov 2002 02:02:43 -0600
Content-Disposition: inline
Organization: Catastrophe.Net <http://www.catastrophe.net/>

I've noticed the following problem under 3.2 when trying to generate
an x509 certificate...

# openssl genrsa -out /etc/isakmpd/private/local.key 1024

(works fine...)

# openssl req -new -key /etc/isakmpd/private/local.key \
  -out /etc/isakmpd/private/server.csr

(works fine...)

# openssl x509 -req -days 365 -in /etc/isakmpd/private/server.csr \
  -CA /etc/ssl/ca.crt -CAkey /etc/ssl/private/ca.key -CAcreateserial \
  -out /etc/isakmpd/certs/local.crt
Signature ok
subject=/C=US/ST=Illinois/L=Chicago/O=Catastrophe.Net/OU=Network
Services/CN=something.example.org/emailAddress=something@example.org
Getting CA Private Key
unable to load serial number from /etc/ssl/ca.srl
4300:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short
line:/usr/src/lib/libssl/crypto/../src/crypto/asn1/f_int.c:216:

These commands work fine on 3.1.

Any assistance is appreciated....I'm following the SSH Sentinel docs
on allard.nu

-#0

Prev by Date: Re: temp queues
Next by Date: Filename to "inode" pointer in C
Prev by thread: Re: temp queues
Next by thread: Filename to "inode" pointer in C
Index(es):
- Date
- Thread