Hi, I have the same probleme because I have more than one openssl installed. Try uising LD_LIBRARY_PATH=/path-to-you-ossl/lib /path-to-your-ossl/bin/openssl ....
Hope it could help Fred -----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Dan O'Brien Envoyé : mercredi 1 décembre 2004 17:48 À : [EMAIL PROTECTED] Objet : Re: Issues creating Certificate Authority On Nov 23, 2004, at 1:59 PM, Charles B Cranston wrote: > It's possible from what you describe that it was a > hanging alias, that is, a symbolic link pointing to > a file that does not actually exist. This looks like > a file initially but gets a "file does not exist" > when you try to actually use it... > > Dan O'Brien wrote: > >> On Nov 22, 2004, at 1:41 PM, Dr. Stephen Henson wrote: >>> On Mon, Nov 22, 2004, Dan O'Brien wrote: >>> >>>> >>>> Searched for openssl.cnf and it is on the system: >>>> >>>> [EMAIL PROTECTED]:/etc/ssl# locate openssl.cnf /usr/lib/ssl/openssl.cnf >>>> >>>> Is this a clue to the problem? >>>> >>> >>> Might be :-) Depends what's in that file. Does it contain a line >>> with: >>> >>> [distinguished_name] >>> >>> on it? Does it have world read permissions? What happens if you >>> include the >>> command line switch: -config /usr/lib/ssl/openssl.cnf to the req >>> command that >>> was failing before? >>> >>> >> Progress! It appears that although "locate" indicated the presence of >> the openssl.cnf file... (as in: >> [EMAIL PROTECTED]:~$ locate openssl.cnf >> /usr/lib/ssl/openssl.cnf) >> ...when I vi'd it as root, the file was blank, and vi indicated that >> it was making a new file. >> Adding the -config /usr/lib/ssl/openssl.cnf switch yielded this: >> [EMAIL PROTECTED]:~# openssl req -new -x509 -keyout private/cakey.pem -out >> cacert.pem -days 7000 -config /usr/lib/ssl/openssl.cnf >> Using configuration from /usr/lib/ssl/openssl.cnf >> error on line 1074095624 of /usr/lib/ssl/openssl.cnf >> 1708:error:02001002:system library:fopen:No such file or >> directory:bss_file.c:104:fopen('/usr/lib/ssl/openssl.cnf','rb') >> 1708:error:2006D002:BIO routines:BIO_new_file:system >> lib:bss_file.c:106: >> 1708:error:0E064002:configuration file routines:CONF_load:system >> lib:conf_lib.c:91: >> Changing directories and listing showed this: >> [EMAIL PROTECTED]:/usr/lib/ssl# ls >> certs lib misc openssl.cnf private >> ...wherein openssl.cnf was displayed in red text set against a black >> selection rectangle -- what does this indicate? >> In any case, all signs pointed to a malfunctioning file, so I rm'd >> it. You previously suggested that I unpack one from another >> installation. Unless you have a better idea, I believe the next move >> will be to try to install 0.9.7e. >> - Dan O'Brien >> OK, installed 0.9.7e and the openssl.cnf file to the right location. Was then able to create the certificate authority. However, the next step, creating the SSL key for apache, met with the following error: [EMAIL PROTECTED]:/etc/ssl# openssl req -new -config ./openssl.cnf -nodes -out ./apache-req.pem -keyout ./apache-key.pem Using configuration from ./openssl.cnf error on line 1074095624 of ./openssl.cnf 297:error:02001002:system library:fopen:No such file or directory:bss_file.c:104:fopen('./openssl.cnf','rb') 297:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:106: 297:error:0E064002:configuration file routines:CONF_load:system lib:conf_lib.c:91: Ideas? - Dan O'Brien ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
