or write access to /etc/ssl/ for that matter? ./Ok3ch On Fri, Dec 13, 2013 at 2:03 PM, Okechukwu <okechukwu@gmail.com> wrote:
ls -l /etc/pki/CA/index.txt
Do you have read access?
./Ok3ch
On Fri, Dec 13, 2013 at 12:42 PM, Eva Kimathi <evakimathi@gmail.com>wrote:
ola!
I have this error that I am having a problem deciphering. please help
/etc/pki/CA/index.txt: No such file or directory unable to open '/etc/pki/CA/index.txt' 139879468582752:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/pki/CA/index.txt','r') 139879468582752:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: Testing certificate for hmis_server.{MY_DOMAIN}. Error opening certificate file /etc/ssl/certs/hmis_server.ghealth.crt.pem 139872843011936:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/ssl/certs/hmis_server.ghealth.crt.pem','r') 139872843011936:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: unable to load certificate
here's the script that created that monster
#!/bin/csh -f
echo "Creating a certificate signing request (CSR)." openssl req \ -nodes -new -days 3650 \ -subj "${DEFAULT_ATTRIBUTES}/CN=${SERVER_NAME}.${MY_DOMAIN}" \ -keyout /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key.pem \ -out /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem echo "Testing the newly created CSR." openssl req -text -verify -noout -in /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem echo "Check for errors, press [Enter] to continue..." read x echo "Signing CSR for ${SERVER_NAME}.${MY_DOMAIN}." openssl ca \ -out /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem \ -in /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem \ -cert /etc/ssl/cacerts/ca.${MY_DOMAIN}.cacrt.pem \ -keyfile /etc/ssl/private/ca.${MY_DOMAIN}.cakey.pem echo "Testing certificate for ${SERVER_NAME}.${MY_DOMAIN}." openssl verify \ -CAfile /etc/ssl/cacerts/ca.${MY_DOMAIN}.cacrt.pem \ /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem echo "Check for errors, press [Enter] to continue..." read x echo "Creating bundle for ${SERVER_NAME}.${MY_DOMAIN}." cat /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key.pem \ /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem \ > /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key+crt.pem echo "Creating DH parameter file for ${SERVER_NAME}.${MY_DOMAIN}." openssl dhparam -check -text -5 512 -out /etc/ssl/dh/${SERVER_NAME}.${MY_DOMAIN}.dh
-------------------
help? --
__________________________________________________________________________ Out of clutter, find simplicity. From discord, find harmony. In the middle of difficulty, lies opportunity ~Albert Einstein
Eva Kimathi
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke