<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
David,<br>
<br>
thank you for answering.<br>
<br>
So ignore and eventually Fedora will get updated. :)<br>
<br>
<div class="moz-cite-prefix">On 5/15/23 14:12, David von Oheimb
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:8cbf1f5375de04a2d4c3b970c1bbd8bc4a6506e4.camel@von-Oheimb.de">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div>Hi Bob, </div>
<div><br>
</div>
<div>the below weird behavior is due to minor bugs in certain
situations where the CA app looks for config file entries like
"email_in_dn" that are not present. <br>
Usually these (needless) error messages get discarded, but for
instance when both "default_startdate" and "default_enddate" are
given, this is not done so far.<br>
Fix is in <a
href="https://github.com/openssl/openssl/pull/20971"
moz-do-not-send="true" class="moz-txt-link-freetext">https://github.com/openssl/openssl/pull/20971</a></div>
<div><br>
</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>David</div>
<div><br>
</div>
<div>On Sun, 2023-05-14 at 19:23 -0400, Robert Moskowitz wrote:</div>
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px
#729fcf solid;padding-left:1ex">
<div>I am using:<br>
</div>
<div><br>
</div>
<div>openssl ca -config $dir/openssl-root.cnf -extensions
v3_ca<br>
</div>
<div><br>
</div>
<div>With customizations in the cnf.<br>
</div>
<div><br>
</div>
<div>The command generates the cert to sign, but on doing that
(or if I say <br>
</div>
<div>N) throws the errors:<br>
</div>
<div><br>
</div>
<div>Certificate is to be certified until Jun 1 00:00:00 2024
GMT (385 days)<br>
</div>
<div>Sign the certificate? [y/n]:y<br>
</div>
<div>402C4AD0637F0000:error:0700006C:configuration file <br>
</div>
<div>routines:NCONF_get_string:no <br>
</div>
<div>value:crypto/conf/conf_lib.c:315:group=CA_default
name=email_in_dn<br>
</div>
<div>402C4AD0637F0000:error:0700006C:configuration file <br>
</div>
<div>routines:NCONF_get_string:no <br>
</div>
<div>value:crypto/conf/conf_lib.c:315:group=CA_default
name=rand_serial<br>
</div>
<div>402C4AD0637F0000:error:0700006C:configuration file <br>
</div>
<div>routines:NCONF_get_string:no <br>
</div>
<div>value:crypto/conf/conf_lib.c:315:group=CA_default
name=default_days<br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>1 out of 1 certificate requests certified, commit? [y/n]y<br>
</div>
<div>Write out database with 1 new entries<br>
</div>
<div>Data Base Updated<br>
</div>
<div><br>
</div>
<div>I am using specific dates:<br>
</div>
<div><br>
</div>
<div>default_startdate = $ENV::startdate<br>
</div>
<div>default_enddate = $ENV::enddate<br>
</div>
<div><br>
</div>
<div> Validity<br>
</div>
<div> Not Before: May 1 00:00:00 2023 GMT<br>
</div>
<div> Not After : Jun 1 00:00:00 2024 GMT<br>
</div>
<div><br>
</div>
<div>and it is getting the serial number<br>
</div>
<div><br>
</div>
<div>serial = $dir/serial<br>
</div>
<div><br>
</div>
<div> Serial Number:<br>
</div>
<div> 98:3f:27:9d:c7:3c:69:13<br>
</div>
<div><br>
</div>
<div>And why complaining about email_in_dn?<br>
</div>
<div><br>
</div>
<div>I do get the cert out, but why these errors and what should
I be doing <br>
</div>
<div>about them?<br>
</div>
<div><br>
</div>
<div>thanks<br>
</div>
<div><br>
</div>
</blockquote>
</blockquote>
<br>
</body>
</html>