On Sat, Aug 23, 2003, Nick Gray wrote: > Dr Henson, > > > > Try deleting the demoCA tree and doing CA.pl -newca again. > > > > That isn't it. I tried that first. I am assuming the demoCA that it > looks for is in the current working directory. >
Yes. > > Also check openssl.cnf is somewhere usable or OPENSSL_CONF points to it or the > > req command will give an error when creating the CA certificate. > > > I think this might be the problem. I could be wrong, but I dont remember > this file before 0.97. I ran the commands > > /usr/local/bin/openssl genrsa -des3 -out ca.key 1024 > /usr/local/openssl/certs# /usr/local/bin/openssl req -new -x509 -days > 365 -key ca.key -out ca.crt > > and got what I expected. Was there some config I need to do to the > openssl.cnf file to make the CA.pl script work? > No, if req -new works then openssl.cnf is in the right place. Does CA.pl -newca give any kind of error message after it asks for a CA certificate? Did you give it the name of a CA certificate or just hit enter? Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
