[openssl-users] error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c

Itsmesri getur.srikanth at gmail.com
Sun Feb 8 08:16:46 UTC 2015 

I am newbie to OPENSSL world.I am trying into install openssl certification
on my microsoft exchange server. For this I was following below article step
by step. at one place I stuck while createing 'ca' and getting below errors. 

I have created index.txt , serial files and have proper permissions.

article: 
http://www.stephen-scotter.net/computers/windows/exchange/using-openssl-to-create-a-certificate-for-exchange-2010#exchange2010
<http://www.stephen-scotter.net/computers/windows/exchange/using-openssl-to-create-a-certificate-for-exchange-2010#exchange2010>  

C:\OpenSSL-Win64>bin\openssl.exe ca -name ServerCA -policy policy_anything
-in SIFY_CA\requests\SIFYSERV4-EXCHANGE.csr -o
t SIFY_CA\certs\SIFYSERV4-EXCHANGE-WRONGFORMAT.cer -md sha1
Using configuration from c:\OpenSSL-Win64\bin\openssl.cfg
Loading 'screen' into random state - done
Enter pass phrase for \\DALLAS\OpenSSL-Win64\SIFY_CA\private\SIFY_CA.key:
Error Loading extension section ca_cert
11128:error:02001002:system library:fopen:No such file or
directory:.\crypto\bio\bss_file.c:169:fopen('\\DALLAS\OpenSSL-Win64\SIFY_CA\index.txt.attr','rb')
11128:error:2006D080:BIO routines:BIO_new_file:no such
file:.\crypto\bio\bss_file.c:172:
11128:error:0E078072:configuration file routines:DEF_LOAD:no such
file:.\crypto\conf\conf_def.c:197:
11128:error:2207507C:X509 V3 routines:v2i_GENERAL_NAME_ex:missing
value:.\crypto\x509v3\v3_alt.c:537:
11128:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in
extension:.\crypto\x509v3\v3_conf.c:93:name=subjectAltName, value=D
S:sifytech.com,DNS:www.sifytech.com;DNS:*.sifytech.com,mail.SIFY.com,owa.sifytech.com

 openssl.cfg
---------------
HOME     = \\\\DALLAS\\OpenSSL-Win64
#RANDFILE = $HOME\\.rnd

[ca]
default_ca = SIFY_CA

[SIFY_CA]
dir              = $HOME\\SIFY_CA
certs            = $dir\\certs
crl_dir          = $dir\\crl
database         = $dir\\index.txt
new_certs_dir    = $dir\\newcerts
certificate      = $certs\\SIFY_CA.cer
serial           = $dir\\serial
crl              = $crl_dir\\SIFY_CA.crl
private_key      = $dir\\private\\SIFY_CA.key
RANDFILE         = $dir\\private\\.rnd
unique_subject   = no
email_in_dn      = yes
policy           = policy_match
x509_extensions  = ca_cert
default_days     = 18250 
default_crl_days = 18250 
default_md       = md5


[ServerCA]
dir              = $HOME\\SIFY_CA
certs            = $dir\\certs
crl_dir          = $dir\\crl
database         = $dir\\index.txt
new_certs_dir    = $dir\\newcerts
certificate      = $certs\\SIFY_CA.cer
serial           = $dir\\serial
#####crl              = $crl_dir\\ServerCA.crl
crl              = $crl_dir\\SIFY_CA.crl
private_key      = $dir\\private\\SIFY_CA.key
RANDFILE         = $dir\\private\\.rnd
unique_subject   = no
email_in_dn      = yes
policy           = policy_match
x509_extensions  = ca_cert
default_days     = 18250 
default_crl_days = 18250 
default_md       = md5
#####copy_extensions  = copy
#####copy_extensions  = none

[policy_match]
countryName            = match
stateOrProvinceName    = optional
organizationName       = optional
organizationalUnitName = supplied
commonName             = supplied
emailAddress           = optional

[policy_anything]
countryName            = optional
stateOrProvinceName    = optional
localityName           = optional
organizationName       = optional
organizationalUnitName = optional
commonName             = supplied
emailAddress           = optional

[req]
default_bits       = 2048
default_keyfile    = privkey.pem
distinguished_name = req_distinguished_name
#attributes        = req_attributes
x509_extensions    = v3_ca
req_extensions     = v3_req

[req_distinguished_name]
countryName			= Country Name (2 letter code)
countryName_default		= GB
countryName_min			= 2
countryName_max			= 2
stateOrProvinceName		= State or Province Name (full name)
stateOrProvinceName_default	= West Midlands
localityName			= Locality Name (eg, city)
localityName_default            = Birmingham
0.organizationName		= Organization Name (eg, company)
0.organizationName_default	= WHLB (Certificate Authority)
organizationalUnitName		= Organizational Unit Name (eg, section)
organizationalUnitName_default	=
commonName			= Common Name (eg, YOUR name)
commonName_default		= WHLB (Certificate Authority)
commonName_max			= 64
emailAddress			= Email Address
emailAddress_max		= 64


[v3_ca]
#basicConstraints      = critical, CA:true, pathlen:0
basicConstraints      = CA:true
#nsCertType            = sslCA
#keyUsage              = cRLSign, keyCertSign
#extendedKeyUsage      = serverAuth, clientAuth
nsComment             = "OpenSSL CA Certificate"
crlDistributionPoints =
URI:http://dallas.sifytech.com/SIFY_ca/crl/SIFY_CA.crl

[v3_req]
basicConstraints      = CA:FALSE
keyUsage              = nonRepudiation, digitalSignature, keyEncipherment
crlDistributionPoints =
URI:http://dallas.sifytech.com/SIFY_ca/crl/SIFY_CA.crl

[ca_cert]
basicConstraints       = CA:true
nsComment              = "OpenSSL Generated Certificate"
subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid, issuer:always
extendedKeyUsage       = serverAuth, clientAuth
crlDistributionPoints =
URI:https://dallas.sifytech.com/SIFY_ca/crl/SIFY_CA.crl
subjectAltName        =
DNS:sifytech.com,DNS:www.sifytech.com;DNS:*.sifytech.com,mail.intensify.com,owa.sifytech.com

What could be wrong? Did I miss anything here? Help me out?



--
View this message in context: http://openssl.6102.n7.nabble.com/error-02001002-system-library-fopen-No-such-file-or-directory-crypto-bio-bss-file-c-tp56325.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

More information about the openssl-users mailing list