[openssl-users] Openssl 1.1.0: x509: Bad format "engine"; must be pem or der
Sahil Malhotra
sahil.malhotra at nxp.com
Fri Jun 15 05:40:50 UTC 2018
Hi All,
I am trying to create a self-signed certificate using the following commands.
Working with engine_pkcs11 provided by opensc/libp11.
When I was running these commands with openssl 1.0.2, these were working fine.
When I tried running with openssl 1.1.0, Getting the following error.
Can anyone please help to find what I am doing wrong ?
root at Ubuntu:~/new#
root at Ubuntu:~/new# /usr/bin/openssl req -engine pkcs11 -new -key "pkcs11:model=;manufacturer=ABC;serial=1;token=ABC_TOKEN;id=%01%00%00%00;object=Device_Key;type=private" -keyform engine -out req.pem -text -x509 -subj "/CN=NXP Semiconductor"
engine "pkcs11" set.
root at Ubuntu:~/new#
root at Ubuntu:~/new#
root at Ubuntu:~/new#
root at Ubuntu:~/new# /usr/bin/openssl x509 -engine pkcs11 -keyform engine -signkey "pkcs11:model=;manufacturer=ABC;serial=1;token=ABC_TOKEN;id=%01%00%00%00;object=Device_Key;type=private " -in req.pem -out cert.pem
engine "pkcs11" set.
x509: Bad format "engine"; must be pem or der
x509: Invalid format "engine" for -keyform
x509: Use -help for summary.
root at Ubuntu:~/new#
root at Ubuntu:~/new#
Regards,
Sahil Malhotra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180615/ae535e95/attachment.html>
More information about the openssl-users
mailing list