Issue generating certificate for a Samba AD - index.txt

Sergio NNX sfhacker at hotmail.com
Wed Mar 18 22:13:04 UTC 2020


We have been creating certificates (Root CA, intermediate, end user, smartcard login, etc) for ages.
We have set up our own PKI infrastructure using openssl command line tool.
If you email us the details/extensions you need your certificates to have, we can generate some test certs for you.

How familiar are you with OpenSSL?

Regards.

________________________________
From: openssl-users <openssl-users-bounces at openssl.org> on behalf of Lionel Monchecourt <lionel.monchecourt at free.fr>
Sent: Thursday, 19 March 2020 8:27 AM
To: openssl-users at openssl.org <openssl-users at openssl.org>
Subject: Issue generating certificate for a Samba AD - index.txt


Hi , trying to generate a certify using



openssl copenssl ca -config /etc/ssl/user-openssl.cnf -in dc-req.pem -out dc-cert.pem



I get the following :



Using configuration from /etc/ssl/user-openssl.cnf

Enter pass phrase for ./private/cakey.pem:

139946396877888:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:69:fopen('./index.txt','r')

139946396877888:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:76:



I found a post saying that you just need to create the index.txt file,but it leads to “no result “

Another post was saying to insert  in the file “unique_subject = no”

Nothing at all ( putting yes or no ), as attempts…

Any insights ?

Thx



[https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient>      Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200318/e3b7615c/attachment.html>


More information about the openssl-users mailing list