[openssl-users] database openssl

Sampei sampei02 at tiscali.it
Thu May 31 13:03:21 UTC 2018 

  

Oh, It's a good starter point. 
Openssl, installed in old server,
is 0.9.7e version. 
Openssl, installed in new server, is -0.9.8e verson.

In old server I searched .cnf files and I found several files which are
/usr/local/openssl-0.9.7e/xxx/yyyyy.cnf 
where  
xxx= is directory, 

yyyy = name of .cnf file 
I queried to
/var/cache/yum/updates-released/packages/openssl-0.9.7a-33.10.i686.rpm
in old server, I got:

/lib/libcrypto.so.0.9.7a
/lib/libssl.so.0.9.7a
/usr/bin/openssl
/usr/share/doc/openssl-0.9.7a
/usr/share/doc/openssl-0.9.7a/CHANGES
/usr/share/doc/openssl-0.9.7a/FAQ
/usr/share/doc/openssl-0.9.7a/INSTALL
/usr/share/doc/openssl-0.9.7a/LICENSE
/usr/share/doc/openssl-0.9.7a/NEWS
/usr/share/doc/openssl-0.9.7a/README
/usr/share/doc/openssl-0.9.7a/c-indentation.el
/usr/share/doc/openssl-0.9.7a/openssl.txt
/usr/share/doc/openssl-0.9.7a/openssl_button.gif
/usr/share/doc/openssl-0.9.7a/openssl_button.html
/usr/share/doc/openssl-0.9.7a/ssleay.txt
/usr/share/man/man1/asn1parse.1ssl.gz
/usr/share/man/man1/ca.1ssl.gz
/usr/share/man/man1/ciphers.1ssl.gz
/usr/share/man/man1/crl.1ssl.gz
/usr/share/man/man1/crl2pkcs7.1ssl.gz
/usr/share/man/man1/dgst.1ssl.gz
/usr/share/man/man1/dhparam.1ssl.gz
/usr/share/man/man1/dsa.1ssl.gz
/usr/share/man/man1/dsaparam.1ssl.gz
/usr/share/man/man1/enc.1ssl.gz
/usr/share/man/man1/gendsa.1ssl.gz
/usr/share/man/man1/genrsa.1ssl.gz
/usr/share/man/man1/md2.1ssl.gz
/usr/sh
are/man/man1/md4.1ssl.gz
/usr/share/man/man1/md5.1ssl.gz
/usr/share/man/man1/mdc2.1ssl.gz
/usr/share/man/man1/nseq.1ssl.gz
/usr/share/man/man1/ocsp.1ssl.gz
/usr/share/man/man1/openssl.1ssl.gz
/usr/share/man/man1/pkcs12.1ssl.gz
/usr/share/man/man1/pkcs7.1ssl.gz
/usr/share/man/man1/pkcs8.1ssl.gz
/usr/share/man/man1/req.1ssl.gz
/usr/share/man/man1/ripemd160.1ssl.gz
/usr/share/man/man1/rsa.1ssl.gz
/usr/share/man/man1/rsautl.1ssl.gz
/usr/share/man/man1/s_client.1ssl.gz
/usr/share/man/man1/s_server.1ssl.gz
/usr/share/man/man1/sess_id.1ssl.gz
/usr/share/man/man1/sha.1ssl.gz
/usr/share/man/man1/sha1.1ssl.gz
/usr/share/man/man1/smime.1ssl.gz
/usr/share/man/man1/speed.1ssl.gz
/usr/share/man/man1/spkac.1ssl.gz
/usr/share/man/man1/sslpasswd.1ssl.gz
/usr/share/man/man1/sslrand.1ssl.gz
/usr/share/man/man1/verify.1ssl.gz
/usr/share/man/man1/version.1ssl.gz
/usr/share/man/man1/x509.1ssl.gz
/usr/share/man/man5/config.5ssl.gz
/usr/share/man/man7/DES.7ssl.gz
/usr/share/man/man7/Modes.7ssl.gz
/usr/share
/man/man7/des_modes.7ssl.gz
/usr/share/man/man7/of.7ssl.gz
/usr/share/ssl
/usr/share/ssl/CA
/usr/share/ssl/CA/private
/usr/share/ssl/cert.pem
/usr/share/ssl/certs
/usr/share/ssl/certs/Makefile
/usr/share/ssl/certs/ca-bundle.crt
/usr/share/ssl/certs/make-dummy-cert
/usr/share/ssl/lib
/usr/share/ssl/misc
/usr/share/ssl/misc/CA
/usr/share/ssl/misc/c_hash
/usr/share/ssl/misc/c_info
/usr/share/ssl/misc/c_issuer
/usr/share/ssl/misc/c_name
/usr/share/ssl/openssl.cnf
/usr/share/ssl/private

I don't understand because rpm has no reference to
"/usr/local/openssl-0.9.7e/" path where there .cnf configuration files.


Il 29.05.2018 10:43 Jan Just Keijser ha scritto: 

> Hi,
> 
> On
29/05/18 09:47, Sampei wrote:
> 
>> I'm using Linux server to create
temporary CA and I know openssl maintains a text database of issued
certificates and their status. Now I need to migrate this server to
another one, so I ask myself how can I export this db. thanks
> 
> the
openssl CA "database" usually consists of two files. The location of
these files is specified in the openssl.cnf file. The 
> files are
>
serial - containing the last issued serial number
> index.txt -
containing the list of all issued, expired and revoked certificates.
>

> As I said, the location of these files is depending on how you set up
your temporary CA.
> 
> HTH,
> 
> JJK

Il 29.05.2018 13:12 Jakob Bohm ha
scritto: 

> On 29/05/2018 10:43, Jan Just Keijser wrote:
> 
>> Hi, On
29/05/18 09:47, Sampei wrote: 
>> 
>>> I'm using Linux server to create
temporary CA and I know openssl maintains a text database of issued
certificates and their status. Now I need to migrate this server to
another one, so I ask myself how can I export this db. thanks
>> the
openssl CA "database" usually consists of two files. The location of
these files is specified in the openssl.cnf file. The files are serial -
containing the last issued serial number index.txt - containing the list
of all issued, expired and revoked certificates. As I said, the location
of these files is depending on how you set up your temporary CA.
> 
>
Additionally, the openssl ca command stores the complete value of each
>
issued certificate in a subdirectory specified in openssl.cnf, this
>
may be needed/useful when importing to other CA software.
> 
> Also note
that unless a special setting is included (I forget where),
> the
openssl ca database will be in a different (older) format that
> only
remembers the most recently issued certificate for a given
> subject
distinguished name.
> 
> Enjoy
> 
> Jakob
> -- 
> Jakob Bohm, CIO,
Partner, WiseMo A/S. https://www.wisemo.com [1]
> Transformervej 29,
2860 Søborg, Denmark. Direct +45 31 13 16 10
> This public discussion
message is non-binding and may contain errors.
> WiseMo - Remote Service
Management for PCs, Phones and Embedded
> 
> -- openssl-users mailing
list To unsubscribe:
https://mta.openssl.org/mailman/listinfo/openssl-users [2]
 



Con Mobile Open 6 GB hai 6 Giga, 600 minuti e 300 SMS per il tuo smartphone a 9€ al mese per sempre. Passa ora a Tiscali Mobile, il nostro mese è vero! http://tisca.li/Open6GB0318

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180531/72fe1cfc/attachment-0001.html>

More information about the openssl-users mailing list