Re: 1st time through, only -- "Can't open root/database.attr for reading, No such file or directory" ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Jun 4, 2017 at 8:57 PM, Jeffrey Walton <noloader@xxxxxxxxx> wrote:
> On Sun, Jun 4, 2017 at 7:56 PM, PGNet Dev <pgnet.dev@xxxxxxxxx> wrote:
>> On 6/4/17 4:51 PM, Jeffrey Walton wrote:
>>>>
>>>> but the process STARTS with an apparently non-fatal error ...
>>>>
>>>>          Using configuration from /home/sec/newCA/openssl.cnf
>>>>          Can't open root/database.attr for reading, No such file or
>>>> directory
>>>>          140013244086016:error:02001002:system
>>>> library:fopen::crypto/bio/bss_file.c:74:fopen('root/database.attr','r')
>>>>          140013244086016:error:2006D080:BIO routines:BIO_new_file:no such
>>>> file:crypto/bio/bss_file.c:81:
>>>
>>>
>>> This usually indicates the OpenSSL conf file cannot be found. Its odd
>>> that "Using configuration from /home/sec/newCA/openssl.cnf" is
>>> reported.
>>>
>>> Maybe you can try `OPENSSL_CONF=/home/sec/newCA/openssl.cnf <command>`
>>> to isolate the issue (or maybe rule out its not a conf file problem).
>>
>>
>> The message above doesn't indicate that openssl.cnf can't be found.  In fact
>> it explcitly states that it IS found and IS using it
>>
>>>>          Using configuration from /home/sec/newCA/openssl.cnf
>>
>> It's the same openssl.cnf used in all the PRIOR steps, with not problem
>> whatsoever.
>>
>> Rather it's
>>
>>>>          Can't open root/database.attr for reading, No such file or
>>>> directory
>>
>> that's not found.
>>
>> I've found that if I simply
>>
>>         touch root/database.attr
>>         touch intermediate/database.attr
>>
>> as already's been done with
>>
>>         touch root/database
>>         touch intermediate/database
>
> Oh, I was not aware you were skipping steps. I guess that explains the
> unusual results.

BTW, I believe you are also supposed to add an initial serial number.
Something like:

    echo "0" > serialno.txt

Check your conf file for the filename.

(The information is somewhere in the docs. It may be in the
Certificates HOWTO or the CA HOWTO).

Jeff
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux