or write access to /etc/ssl/ for that matter?

./Ok3ch


On Fri, Dec 13, 2013 at 2:03 PM, Okechukwu <okechukwu@gmail.com> wrote:
ls -l /etc/pki/CA/index.txt

Do you have read access?

./Ok3ch


On Fri, Dec 13, 2013 at 12:42 PM, Eva Kimathi <evakimathi@gmail.com> wrote:
ola! 

I have this error that I am having a problem deciphering. please help

/etc/pki/CA/index.txt: No such file or directory
unable to open '/etc/pki/CA/index.txt'
139879468582752:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/pki/CA/index.txt','r')
139879468582752:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
Testing certificate for hmis_server.{MY_DOMAIN}.
Error opening certificate file /etc/ssl/certs/hmis_server.ghealth.crt.pem
139872843011936:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/ssl/certs/hmis_server.ghealth.crt.pem','r')
139872843011936:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load certificate

here's the script that created that monster

#!/bin/csh -f

   echo "Creating a certificate signing request (CSR)."
   openssl req \
       -nodes -new -days 3650 \
       -subj "${DEFAULT_ATTRIBUTES}/CN=${SERVER_NAME}.${MY_DOMAIN}" \
       -keyout /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key.pem \
       -out /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem
   echo "Testing the newly created CSR."
   openssl req -text -verify -noout -in /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem
   echo "Check for errors, press [Enter] to continue..."
   read x
   echo "Signing CSR for ${SERVER_NAME}.${MY_DOMAIN}."
   openssl ca \
       -out /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem \
       -in /etc/ssl/req/${SERVER_NAME}.${MY_DOMAIN}.req.pem \
       -cert /etc/ssl/cacerts/ca.${MY_DOMAIN}.cacrt.pem \
       -keyfile /etc/ssl/private/ca.${MY_DOMAIN}.cakey.pem
   echo "Testing certificate for ${SERVER_NAME}.${MY_DOMAIN}."
   openssl verify \
       -CAfile /etc/ssl/cacerts/ca.${MY_DOMAIN}.cacrt.pem \
       /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem
   echo "Check for errors, press [Enter] to continue..."
   read x
   echo "Creating bundle for ${SERVER_NAME}.${MY_DOMAIN}."
   cat /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key.pem \
       /etc/ssl/certs/${SERVER_NAME}.${MY_DOMAIN}.crt.pem \
       > /etc/ssl/private/${SERVER_NAME}.${MY_DOMAIN}.key+crt.pem
   echo "Creating DH parameter file for ${SERVER_NAME}.${MY_DOMAIN}."
   openssl dhparam -check -text -5 512 -out /etc/ssl/dh/${SERVER_NAME}.${MY_DOMAIN}.dh

-------------------

help?
--
__________________________________________________________________________ 
Out of clutter, find simplicity. From discord, find harmony. In the middle of difficulty, lies opportunity
~Albert Einstein

Eva Kimathi

_______________________________________________
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------

Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke