openssl ca works, but with error messages
Robert Moskowitz
rgm at htt-consult.com
Sun May 14 23:23:44 UTC 2023
I am using:
openssl ca -config $dir/openssl-root.cnf -extensions v3_ca
With customizations in the cnf.
The command generates the cert to sign, but on doing that (or if I say
N) throws the errors:
Certificate is to be certified until Jun 1 00:00:00 2024 GMT (385 days)
Sign the certificate? [y/n]:y
402C4AD0637F0000:error:0700006C:configuration file
routines:NCONF_get_string:no
value:crypto/conf/conf_lib.c:315:group=CA_default name=email_in_dn
402C4AD0637F0000:error:0700006C:configuration file
routines:NCONF_get_string:no
value:crypto/conf/conf_lib.c:315:group=CA_default name=rand_serial
402C4AD0637F0000:error:0700006C:configuration file
routines:NCONF_get_string:no
value:crypto/conf/conf_lib.c:315:group=CA_default name=default_days
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
I am using specific dates:
default_startdate = $ENV::startdate
default_enddate = $ENV::enddate
Validity
Not Before: May 1 00:00:00 2023 GMT
Not After : Jun 1 00:00:00 2024 GMT
and it is getting the serial number
serial = $dir/serial
Serial Number:
98:3f:27:9d:c7:3c:69:13
And why complaining about email_in_dn?
I do get the cert out, but why these errors and what should I be doing
about them?
thanks
More information about the openssl-users
mailing list