Issue generating certificate for a Samba AD - index.txt

Lionel Monchecourt lionel.monchecourt at free.fr
Thu Mar 19 21:07:40 UTC 2020 

Hi Sergio 

Thanks a lot 

My goal is to achieve a SAMBA auth using PKi ( as per ref here :
https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login ) 

More specifically, related then to openSSL, this chapter

https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login#Prerequisites

 

sounds achievable for you ? 

Thanks a lot

Lionel

 

 

 

From: Sergio NNX [mailto:sfhacker at hotmail.com] 
Sent: 18 March 2020 23:13
To: Lionel Monchecourt; openssl-users at openssl.org
Subject: Re: Issue generating certificate for a Samba AD - index.txt

 

We have been creating certificates (Root CA, intermediate, end user,
smartcard login, etc) for ages.

We have set up our own PKI infrastructure using openssl command line tool.

If you email us the details/extensions you need your certificates to have,
we can generate some test certs for you.

 

How familiar are you with OpenSSL?

 

Regards.

 

  _____  

From: openssl-users <openssl-users-bounces at openssl.org> on behalf of Lionel
Monchecourt <lionel.monchecourt at free.fr>
Sent: Thursday, 19 March 2020 8:27 AM
To: openssl-users at openssl.org <openssl-users at openssl.org>
Subject: Issue generating certificate for a Samba AD - index.txt 

 

Hi , trying to generate a certify using 

 

openssl copenssl ca -config /etc/ssl/user-openssl.cnf -in dc-req.pem -out
dc-cert.pem

 

I get the following : 

 

Using configuration from /etc/ssl/user-openssl.cnf

Enter pass phrase for ./private/cakey.pem:

139946396877888:error:02001002:system library:fopen:No such file or
directory:../crypto/bio/bss_file.c:69:fopen('./index.txt','r')

139946396877888:error:2006D080:BIO routines:BIO_new_file:no such
file:../crypto/bio/bss_file.c:76:

 

I found a post saying that you just need to create the index.txt file,but it
leads to "no result "

Another post was saying to insert  in the file "unique_subject = no" 

Nothing at all ( putting yes or no ), as attempts.

Any insights ? 

Thx

 

 


 
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campai
gn=sig-email&utm_content=emailclient> 

Virus-free.
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campai
gn=sig-email&utm_content=emailclient> www.avast.com 

 



-- 
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200319/002d856e/attachment.html>

More information about the openssl-users mailing list