[openssl-users] Intermediate cert file failure

Robert Moskowitz rgm at htt-consult.com
Fri Jul 27 15:25:25 UTC 2018


on a default_md error:

    openssl req -config $cadir/openssl-root.cnf\
        -key $dir/private/intermediate.key.$format \
        -keyform $format -outform $format -subj "$DN" -new\
        -out $dir/csr/intermediate.csr.$format

format=pem

    openssl rand -hex $sn > $dir/serial # hex 8 is minimum, 19 is maximum

    openssl ca -config $cadir/openssl-root.cnf -days 3650\
        -extensions v3_intermediate_ca -notext\
        -in $dir/csr/intermediate.csr.$format\
        -out $dir/certs/intermediate.cert.pem

Using configuration from /root/ca/openssl-root.cnf
Enter pass phrase for /root/ca/private/ca.key.pem:
Can't open /root/ca/intermediate/index.txt.attr for reading, No such 
file or directory
3064446992:error:02001002:system library:fopen:No such file or 
directory:crypto/bio/bss_file.c:72:fopen('/root/ca/intermediate/index.txt.attr','r')
3064446992:error:2006D080:BIO routines:BIO_new_file:no such 
file:crypto/bio/bss_file.c:79:
variable lookup failed for CA_default::default_md
3064446992:error:0E06D06C:configuration file 
routines:NCONF_get_string:no 
value:crypto/conf/conf_lib.c:275:group=CA_default name=default_md

Why is it asking for index.txt.attr?  I made serial which at least with 
ecdsa overrode using index.txt?

And then default_md is commented out in both my .cnf files.




More information about the openssl-users mailing list