First create a CA key using the following command.
openssl genrsa -des3 -out ca.key 1024
Assuming your config file is located in the openssl root directory you can
create a CA cert using the following command.
openssl req -config openssl.conf -new -x509 -key ca.key -out ca.cer
Now you can create your server key and certificate
openssl genrsa -out server.key 1024
openssl req -key server.key -out server.req -config openssl.conf
openssl x509 -req -in server.req -CA ca.cer -CAkey ca.key -CAserial file.srl
-out server.cer -config openssl.conf
Fulvio Allegretti <[EMAIL PROTECTED]> wrote:
Hi all,
I am having problem generating a certificate request. I am installing a
software called Appliance Manager on Win2k3 SP1. This is a Nokia software which
installs apache server. I am unable to start the apache service and my
understanding is that this is because I have not been able to generate a
certificate (not even the request).
The path to apache is C:\Nokia\AM1_0\apache and there is the openssl tool
C:\Nokia\AM1_0\apache\bin
I have been supplied with a number of batch files to help?! me request and
generate a certificate but so far I have failed.
These are some of the lines of the script:
echo "Generating the Key for BE Server"
%OPENSSL_HOME%\bin\openssl genrsa -rand world.png -out BEServer.key 1024
echo "Generating the CSR for BE Server"
%OPENSSL_HOME%\bin\openssl req -new -key BEServer.key -out BEServer.csr
echo "Generating the Certificate for BE Server"
%OPENSSL_HOME%\bin\openssl x509 -req -days 3000 -in BEServer.csr -signkey
BEServer.key -out BEServer.cer
I have created the OPENSSL_HOME variable and this should be right as it is
generating the key, this is what I get from running the batch:
C:\Nokia\AM1_0\bin>BECert.bat
"Generating the Key for BE Server"
Loading 'screen' into random state - done
0 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
..++++++
........++++++
e is 65537 (0x10001)
"Generating the CSR for BE Server"
Unable to load config info
unable to find 'distinguished_name' in config
problems making Certificate Request
3176:error:0E06D06A:configuration file routines:NCONF_get_string:no conf or
envi
ronment variable:.\crypto\conf\conf_lib.c:325:
"Generating the Certificate for BE Server"
Loading 'screen' into random state - done
BEServer.csr: No such file or directory
"Copying the certificate into the destination folder"
1 file(s) copied.
The system cannot find the file specified.
The system cannot find the file specified.
"Importing the BEServer certificate into truststore file"
keytool error: java.lang.Exception: Alias <bessl> does not exist
keytool error: java.io.FileNotFoundException: BEServer.cer (The system cannot
fi
nd the file specified)
If I browse to C:\\nokia\am1_0\apache\bin and run openssl wheu I type req this
is what I get:
OpenSSL> req
Unable to load config info
Reading on this forum it would seem that I need to do something with the
openssl.cnf file in the openssl folder but neither the file or the folder exist
on my machine. Let me know if you need more info.
I know it's a long shot, but any help would be appreciated.
Thanks,
Fu
Fulvio Allegretti
Network Consultant
Information Systems
RM plc
* mailto:[EMAIL PROTECTED]
' +44 (0)1235 854766
ΓΌ http://www.rm.com
You might be interested in this...
What's the secret of ICT success? For many schools, colleges and authorities
it's not a secret anymore.
Find out more now...
Visit our Website at www.rm.com
This message is confidential. You should not copy it or disclose its contents
to anyone. You may use and apply the information for the intended purpose only.
Internet communications are not secure; therefore, RM does not accept legal
responsibility for the contents of this message. Any views or opinions
presented are those of the author only and not of RM. If this email has come to
you in error, please delete it, along with any attachments. Please note that RM
may intercept incoming and outgoing email communications.
Freedom of Information Act 2000
This email and any attachments may contain confidential information belonging
to RM. Where the email and any attachments do contain information of a
confidential nature, including without limitation information relating to trade
secrets, special terms or prices these shall be deemed for the purpose of the
Freedom of Information Act 2000 as information provided in confidence by RM and
the disclosure of which would be prejudicial to RM's commercial interests.
This email has been scanned for viruses by Trend ScanMail.
---------------------------------
Sponsored Link
Mortgage rates as low as 4.625% - $150,000 loan for $579 a month.
Intro-*Terms
