OpenSSL CA Certificate generation failing without error message












1















I want to create a CA Certificate out of a CSR. The process is failing with no error message though, so I don't know where to find a solution.



[user@computer myca]$ openssl ca -config openssl.cnf -out user1cert.pem -in user1req.pem

Using configuration from openssl.cnf

[user@computer myca]$


My config file looks like this:



[ca]

default_ca = CA_default



[CA_default]

dir = . # where everything is kept

new_certs_dir = $dir # default place for new certs

serial = $dir/serial # the current serial number

database = $dir/index # database index file

certificate = $dir/cacert.pem # The CA certificate

private_key = $dir/caprivkey.pem # The private key

RANDFILE = $dir/.rand # private random number file

default_days = 730 # how long to certify for

default_md = sha256 # which message digest to use

policy = policy_any # which policy is used



[policy_any]

countryName = supplied # country name is mandatory

stateOrProvinceName = optional # state is optional

organizationName = optional # organization name is optional

organizationalUnitName = optional # unit name is optional

commonName = optional # user name is mandatory

emailAddress = optional # email address is optional


The files that are referenced in the config file (cacert.pem, caprivkey.pem, index and serial) all exist the in the current directory. And if I change the name of any of them, I get an error saying the file doesn't exist, so I know error messages are displaying. I also get an error when trying to use a wrong private key, which I did just to test getting an error message.



Am I missing something?






ssl certificate openssl x509







share|improve this question

























  • "I also get an error" - What error? Please edit your question instead of submitting a comment.

    – Ramhound
    Jan 19 at 1:47
















1















I want to create a CA Certificate out of a CSR. The process is failing with no error message though, so I don't know where to find a solution.



[user@computer myca]$ openssl ca -config openssl.cnf -out user1cert.pem -in user1req.pem

Using configuration from openssl.cnf

[user@computer myca]$


My config file looks like this:



[ca]

default_ca = CA_default



[CA_default]

dir = . # where everything is kept

new_certs_dir = $dir # default place for new certs

serial = $dir/serial # the current serial number

database = $dir/index # database index file

certificate = $dir/cacert.pem # The CA certificate

private_key = $dir/caprivkey.pem # The private key

RANDFILE = $dir/.rand # private random number file

default_days = 730 # how long to certify for

default_md = sha256 # which message digest to use

policy = policy_any # which policy is used



[policy_any]

countryName = supplied # country name is mandatory

stateOrProvinceName = optional # state is optional

organizationName = optional # organization name is optional

organizationalUnitName = optional # unit name is optional

commonName = optional # user name is mandatory

emailAddress = optional # email address is optional


The files that are referenced in the config file (cacert.pem, caprivkey.pem, index and serial) all exist the in the current directory. And if I change the name of any of them, I get an error saying the file doesn't exist, so I know error messages are displaying. I also get an error when trying to use a wrong private key, which I did just to test getting an error message.



Am I missing something?






ssl certificate openssl x509







share|improve this question

























  • "I also get an error" - What error? Please edit your question instead of submitting a comment.

    – Ramhound
    Jan 19 at 1:47














1












1








1








I want to create a CA Certificate out of a CSR. The process is failing with no error message though, so I don't know where to find a solution.



[user@computer myca]$ openssl ca -config openssl.cnf -out user1cert.pem -in user1req.pem

Using configuration from openssl.cnf

[user@computer myca]$


My config file looks like this:



[ca]

default_ca = CA_default



[CA_default]

dir = . # where everything is kept

new_certs_dir = $dir # default place for new certs

serial = $dir/serial # the current serial number

database = $dir/index # database index file

certificate = $dir/cacert.pem # The CA certificate

private_key = $dir/caprivkey.pem # The private key

RANDFILE = $dir/.rand # private random number file

default_days = 730 # how long to certify for

default_md = sha256 # which message digest to use

policy = policy_any # which policy is used



[policy_any]

countryName = supplied # country name is mandatory

stateOrProvinceName = optional # state is optional

organizationName = optional # organization name is optional

organizationalUnitName = optional # unit name is optional

commonName = optional # user name is mandatory

emailAddress = optional # email address is optional


The files that are referenced in the config file (cacert.pem, caprivkey.pem, index and serial) all exist the in the current directory. And if I change the name of any of them, I get an error saying the file doesn't exist, so I know error messages are displaying. I also get an error when trying to use a wrong private key, which I did just to test getting an error message.



Am I missing something?






ssl certificate openssl x509







share|improve this question
















I want to create a CA Certificate out of a CSR. The process is failing with no error message though, so I don't know where to find a solution.



[user@computer myca]$ openssl ca -config openssl.cnf -out user1cert.pem -in user1req.pem

Using configuration from openssl.cnf

[user@computer myca]$


My config file looks like this:



[ca]

default_ca = CA_default



[CA_default]

dir = . # where everything is kept

new_certs_dir = $dir # default place for new certs

serial = $dir/serial # the current serial number

database = $dir/index # database index file

certificate = $dir/cacert.pem # The CA certificate

private_key = $dir/caprivkey.pem # The private key

RANDFILE = $dir/.rand # private random number file

default_days = 730 # how long to certify for

default_md = sha256 # which message digest to use

policy = policy_any # which policy is used



[policy_any]

countryName = supplied # country name is mandatory

stateOrProvinceName = optional # state is optional

organizationName = optional # organization name is optional

organizationalUnitName = optional # unit name is optional

commonName = optional # user name is mandatory

emailAddress = optional # email address is optional


The files that are referenced in the config file (cacert.pem, caprivkey.pem, index and serial) all exist the in the current directory. And if I change the name of any of them, I get an error saying the file doesn't exist, so I know error messages are displaying. I also get an error when trying to use a wrong private key, which I did just to test getting an error message.



Am I missing something?






ssl certificate openssl x509




ssl certificate openssl x509






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 18 at 21:24







Anthony

















asked Jan 18 at 21:03









AnthonyAnthony

62




62













  • "I also get an error" - What error? Please edit your question instead of submitting a comment.

    – Ramhound
    Jan 19 at 1:47



















  • "I also get an error" - What error? Please edit your question instead of submitting a comment.

    – Ramhound
    Jan 19 at 1:47

















"I also get an error" - What error? Please edit your question instead of submitting a comment.

– Ramhound
Jan 19 at 1:47





"I also get an error" - What error? Please edit your question instead of submitting a comment.

– Ramhound
Jan 19 at 1:47










0






active

oldest

votes











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1395921%2fopenssl-ca-certificate-generation-failing-without-error-message%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Super User!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1395921%2fopenssl-ca-certificate-generation-failing-without-error-message%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Plaza Victoria

Image
Plaza Victoria Plaza Victoria en 2017 Otros nombres Plaza de La Victoria Localización El Almendral, Valparaíso, Chile Vías adyacentes Chacabuco, Molina, Plaza Victoria y Edwards Creación 1841 Metro Bellavista Ubicación 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 Coordenadas: 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 [editar datos en Wikidata] La Plaza Victoria , también llamada Plaza de la Victoria , [ 1 ] ​ es una plaza ubicada en el sector El Almendral del plan de la ciudad de Valparaíso, Chile, de importancia patrimonial, que incluye valiosas estatuas y especies vegetales. [ 2 ] ​ La plaza se creó como tal en la primera mitad del siglo XIX, tomando previamente los nombres de Plaza Nueva y Plaza de Orrego . Si bien desde sus inicios tuvo relevancia histórica, no fue sino a partir de fines de los años 1860 cuando comenzó a cobrar mayor importancia y se convirtió en uno de los principales centros sociales de l
Read more

Puebla de Zaragoza

Image
Para otros usos de este término, véase Puebla (desambiguación). Heroica Puebla de Zaragoza Localidad De arriba a abajo de izquierda a derecha: Estrella de Puebla, Volcán Popocatépetl, Catedral de Puebla, Monumento a Ignacio Zaragoza, Estadio Cuauhtémoc, Angelópolis y Vista panorámica de la ciudad. Escudo Otros nombres: El relicario de América/ La ciudad de los Ángeles/ La Angelópolis Lema: Muy noble y muy leal ciudad de Puebla de los Ángeles Heroica Puebla de Zaragoza Localización de Heroica Puebla de Zaragoza en México Heroica Puebla de Zaragoza Localización de Heroica Puebla de Zaragoza en Puebla Mapa interactivo Coordenadas 19°03′05″N 98°13′04″O  /  19.051388888889, -98.217777777778 Coordenadas: 19°03′05″N 98°13′04″O  /  19.051388888889, -98.217777777778 Idioma oficial Español Entidad Localidad  • País   México  • Estado Puebla  • Municipio Puebla Presidente municipal Claudia Rivera Vivanc
Read more

Musa

Image
Para el género de plantas, véase Musa (planta). Apolo y la Nueve Musas En la mitología griega, las musas (en griego antiguo μοῦσαι « mousai» ) son, según los escritores más antiguos, las divinidades inspiradoras de las Artes: cada una de ellas está relacionada con ramas artísticas y del conocimiento. Son hijas de Zeus y de Mnemósine, compañeras del séquito de Apolo, dios olímpico de la música y patrón de las bellas artes, quien tuvo romances con cada una de ellas, dejando descendientes. Bajaban a la tierra a susurrar ideas e inspirar a aquellos mortales que las invocaran. En la época más arcaica eran las ninfas inspiradoras de las fuentes, en las cuales eran adoradas. Finalmente, alrededor de los siglos VIII-VII a. C. [ 1 ] ​ prevaleció en todo el territorio de la Hélade la adoración de las nueve Musas, que son Calíope, Clío, Erato, Euterpe, Melpómene, Polimnia, Talía, Terpsícore y Urania. El culto a las musas era originalmente de Tracia y Beocia, y fueron de vital impo
Read more