[Skunkworks] help me understand an open ssl error

Eva Kimathi evakimathi at gmail.com
Fri Dec 13 20:07:51 EAT 2013


Hi Okech,

you were right, I didn't have read access. I failed to account for that.
Thanks man.


On Fri, Dec 13, 2013 at 4:04 PM, Okechukwu <okechukwu at gmail.com> wrote:

> or write access to /etc/ssl/ for that matter?
>
> ./Ok3ch
>
>
> On Fri, Dec 13, 2013 at 2:03 PM, Okechukwu <okechukwu at gmail.com> wrote:
>
>> ls -l /etc/pki/CA/index.txt
>>
>> Do you have read access?
>>
>> ./Ok3ch
>>
>>
>>  On Fri, Dec 13, 2013 at 12:42 PM, Eva Kimathi <evakimathi at gmail.com>wrote:
>>
>>>  ola!
>>>
>>> I have this error that I am having a problem deciphering. please help
>>>
>>> /etc/pki/CA/index.txt: No such file or directory
>>> unable to open '/etc/pki/CA/index.txt'
>>> 139879468582752:error:02001002:system library:fopen:No such file or
>>> directory:bss_file.c:398:fopen('/etc/pki/CA/index.txt','r')
>>> 139879468582752:error:20074002:BIO routines:FILE_CTRL:system
>>> lib:bss_file.c:400:
>>> Testing certificate for hmis_server.{MY_DOMAIN}.
>>> Error opening certificate file /etc/ssl/certs/hmis_server.ghealth.crt.pem
>>> 139872843011936:error:02001002:system library:fopen:No such file or
>>> directory:bss_file.c:398:fopen('/etc/ssl/certs/hmis_server.ghealth.crt.pem','r')
>>> 139872843011936:error:20074002:BIO routines:FILE_CTRL:system
>>> lib:bss_file.c:400:
>>> unable to load certificate
>>>
>>> here's the script that created that monster
>>>
>>> #!/bin/csh -f
>>>
>>>    echo "Creating a certificate signing request (CSR)."
>>>    openssl req \
>>>        -nodes -new -days 3650 \
>>>        -subj "${DEFAULT_ATTRIBUTES}/CN=${SERVER_NAME}.${MY_DOMAIN}" \
>>>        -keyout /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key.pem \
>>>        -out /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem
>>>    echo "Testing the newly created CSR."
>>>    openssl req -text -verify -noout -in
>>> /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem
>>>    echo "Check for errors, press [Enter] to continue..."
>>>    read x
>>>    echo "Signing CSR for ${SERVER_NAME}.${MY_DOMAIN}."
>>>    openssl ca \
>>>        -out /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem \
>>>        -in /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem \
>>>        -cert /etc/ssl/cacerts/ca.${MY_DOMAIN}.cacrt.pem \
>>>        -keyfile /etc/ssl/private/ca.${MY_DOMAIN}.cakey.pem
>>>    echo "Testing certificate for ${SERVER_NAME}.${MY_DOMAIN}."
>>>    openssl verify \
>>>        -CAfile /etc/ssl/cacerts/ca.${MY_DOMAIN}.cacrt.pem \
>>>        /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem
>>>    echo "Check for errors, press [Enter] to continue..."
>>>    read x
>>>    echo "Creating bundle for ${SERVER_NAME}.${MY_DOMAIN}."
>>>    cat /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key.pem \
>>>        /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem \
>>>        > /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key+crt.pem
>>>    echo "Creating DH parameter file for ${SERVER_NAME}.${MY_DOMAIN}."
>>>    openssl dhparam -check -text -5 512 -out
>>> /etc/ssl/dh/${SERVER_NAME}.${MY_DOMAIN}.dh
>>>
>>> -------------------
>>>
>>> help?
>>> --
>>>
>>> __________________________________________________________________________
>>> Out of clutter, find simplicity. From discord, find harmony. In the
>>> middle of difficulty, lies opportunity
>>> ~Albert Einstein
>>>
>>> Eva Kimathi
>>>
>>> _______________________________________________
>>> skunkworks mailing list
>>> skunkworks at lists.my.co.ke
>>> ------------
>>> List info, subscribe/unsubscribe
>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
>>> ------------
>>>
>>> Skunkworks Rules
>>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
>>> ------------
>>> Other services @ http://my.co.ke
>>>
>>
>>
>
> _______________________________________________
> skunkworks mailing list
> skunkworks at lists.my.co.ke
> ------------
> List info, subscribe/unsubscribe
> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
> ------------
>
> Skunkworks Rules
> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
> ------------
> Other services @ http://my.co.ke
>



-- 
__________________________________________________________________________
Out of clutter, find simplicity. From discord, find harmony. In the middle
of difficulty, lies opportunity
~Albert Einstein

Eva Kimathi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.my.co.ke/pipermail/skunkworks/attachments/20131213/7049ccf6/attachment.html>


More information about the skunkworks mailing list