On Nov 22, 2004, at 1:41 PM, Dr. Stephen Henson wrote:
On Mon, Nov 22, 2004, Dan O'Brien wrote:
Searched for openssl.cnf and it is on the system:
[EMAIL PROTECTED]:/etc/ssl# locate openssl.cnf /usr/lib/ssl/openssl.cnf
Is this a clue to the problem?
Might be :-) Depends what's in that file. Does it contain a line with:
[distinguished_name]
on it? Does it have world read permissions? What happens if you include the
command line switch: -config /usr/lib/ssl/openssl.cnf to the req command that
was failing before?
Progress! It appears that although "locate" indicated the presence of the openssl.cnf file... (as in:
[EMAIL PROTECTED]:~$ locate openssl.cnf /usr/lib/ssl/openssl.cnf)
...when I vi'd it as root, the file was blank, and vi indicated that it was making a new file.
Adding the -config /usr/lib/ssl/openssl.cnf switch yielded this:
[EMAIL PROTECTED]:~# openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem -days 7000 -config /usr/lib/ssl/openssl.cnf
Using configuration from /usr/lib/ssl/openssl.cnf
error on line 1074095624 of /usr/lib/ssl/openssl.cnf
1708:error:02001002:system library:fopen:No such file or directory:bss_file.c:104:fopen('/usr/lib/ssl/openssl.cnf','rb')
1708:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:106:
1708:error:0E064002:configuration file routines:CONF_load:system lib:conf_lib.c:91:
Changing directories and listing showed this:
[EMAIL PROTECTED]:/usr/lib/ssl# ls certs lib misc openssl.cnf private
...wherein openssl.cnf was displayed in red text set against a black selection rectangle -- what does this indicate?
In any case, all signs pointed to a malfunctioning file, so I rm'd it. You previously suggested that I unpack one from another installation. Unless you have a better idea, I believe the next move will be to try to install 0.9.7e.
- Dan O'Brien
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
