[openssl-users] Errors on EndEntity cert generation
Robert Moskowitz
rgm at htt-consult.com
Fri Jul 27 17:07:20 UTC 2018
The hits just keep on coming. Made my cert req,
openssl req -config $dir/openssl-intermediate.cnf\
-key $dir/private/$serverfqdn.key.$format \
-subj "$DN" -new -out $dir/csr/$serverfqdn.csr.$format
DN='/C=US/ST=MI/L=Oak Park/O=HTT Consulting'
then tried to make the cert with:
openssl ca -config $dir/openssl-intermediate.cnf -days 375\
-extensions server_cert -notext -md null \
-in $dir/csr/$serverfqdn.csr.$format\
-out $dir/certs/$serverfqdn.cert.$format
(note use of -md null and nothing got the earlier error)
Using configuration from /root/ca/intermediate/openssl-intermediate.cnf
Enter pass phrase for /root/ca/intermediate/private/intermediate.key.pem:
Error Loading extension section server_cert
3065065488:error:0E06D06C:configuration file
routines:NCONF_get_string:no
value:crypto/conf/conf_lib.c:275:group=CA_default name=email_in_dn
3065065488:error:0E06D06C:configuration file
routines:NCONF_get_string:no
value:crypto/conf/conf_lib.c:275:group=CA_default name=rand_serial
3065065488:error:2206D06C:X509 V3 routines:X509V3_parse_list:invalid
null name:crypto/x509v3/v3_utl.c:360:
3065065488:error:22097069:X509 V3 routines:do_ext_nconf:invalid
extension
string:crypto/x509v3/v3_conf.c:93:name=crlDistributionPoints,section=
3065065488:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in
extension:crypto/x509v3/v3_conf.c:47:name=crlDistributionPoints, value=
Please help me with these latest errors.
Thanks
More information about the openssl-users
mailing list