This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: openssl errors creating password for certificate authority (CA Request)


Here's the steps in creating the CA request and self-signed cert:

[ ! -d /etc/pki/root ] && mkdir -p /etc/pki/root/ && chmod -f 00700 /etc/pki/root/
cd /etc/pki/root/
/usr/bin/openssl rand -out .rnd0 1024
/usr/bin/openssl rand -out .rnd1 1024
/usr/bin/openssl rand -out .rnd2 1024
/usr/bin/openssl rand -out .rnd3 1024
/usr/bin/openssl rand -out .rnd4 1024
/usr/bin/openssl rand -out .rnd5 1024
/usr/bin/openssl rand -out .rnd6 1024
/usr/bin/openssl rand -out .rnd7 1024
/usr/bin/openssl rand -out .rnd8 1024
/usr/bin/openssl rand -out .rnd9 1024
/usr/bin/openssl rand -out .rnd10 1024
/usr/bin/openssl rand -out .rnd11 1024
/usr/bin/openssl rand -out .rnd12 1024
/usr/bin/openssl rand -out .rnd13 1024
/usr/bin/openssl rand -out .rnd14 1024
/usr/bin/openssl rand -out .rnd15 1024
/usr/bin/openssl rand -out .rnd16 1024
/usr/bin/openssl rand -out .rnd17 1024
/usr/bin/openssl rand -out .rnd18 1024
/usr/bin/openssl rand -out .rnd19 1024

chmod -f 00600 .rnd[0123456789] .rnd1[0123456789]

[ ! -d /etc/pki/private ] && mkdir -p /etc/pki/private/ && chmod -f 00700 /etc/pki/private/
cd /etc/pki/private/
/usr/bin/openssl rand -out .rand 1024

cd /etc/pki/root/
/usr/bin/openssl genrsa -rand .rnd0:.rnd1:.rnd2:.rnd3:.rnd4:.rnd5:.rnd6:.rnd7:.rnd8:.rnd9:.rnd10:.rnd11:.rnd12:.rnd13:.rnd14:.rnd15:.rnd16:.rnd17:.rnd18:.rnd19 -out server.key 1024
/usr/bin/openssl req -new -key server.key -out server.csr
/usr/bin/openssl req -noout -text -in server.csr
/usr/bin/openssl x509 -req -days 3065 -in server.csr -signkey server.key -out server.crt

FYI: I performed the same script on RHES 5.3 with complete success when using the Challenge Password and Optional Company Name. If not used, it works fine.

Thanks, and regards,
Auteria W. Winzer Jr.

--- On Thu, 8/28/08, Corinna Vinschen <corinna-cygwin@cygwin.com> wrote:

> From: Corinna Vinschen <corinna-cygwin@cygwin.com>
> Subject: Re: openssl errors creating password for certificate authority (CA  Request)
> To: cygwin@cygwin.com
> Date: Thursday, August 28, 2008, 10:21 AM
> On Aug 28 16:00, Dr. Volker Zell wrote:
> > FWIW, I'm in the process of updating neon to the
> latest version and see the same error in the latest neon
> test suite with
> > openssl-0.9.8h (the latest):
> > 
> >   Write out database with 1 new entries
> >   Data Base Updated
> >   + MKPKCS12='/usr/bin/openssl pkcs12 -export
> -passout stdin -in client.cert -inkey client.key'
> >   + echo foobar
> >   + /usr/bin/openssl pkcs12 -export -passout stdin -in
> client.cert -inkey client.key -name 'Just A Neon Client
> Cert' -out client.p12
> >   4212:error:0D0BA041:asn1 encoding
> routines:ASN1_STRING_set:malloc failure:asn1_lib.c:381:
> >   4212:error:0B08A041:x509 certificate
> routines:X509_ATTRIBUTE_set1_data:malloc
> failure:x509_att.c:317:
> > 
> > The test suite worked fine with the previous version
> of neon (the
> > current in cygwin 1.5) and openssl-0.9.8g (current at
> that time).
> 
> Looks like an upstream bug then.  The above example is also
> not
> self-contained.  How did you create the client.cert and
> client.key
> files?
> 
> 
> Corinna
> 
> -- 
> Corinna Vinschen                  Please, send mails
> regarding Cygwin to
> Cygwin Project Co-Leader          cygwin AT cygwin DOT com
> Red Hat
> 
> --
> Unsubscribe info:     
> http://cygwin.com/ml/#unsubscribe-simple
> Problem reports:       http://cygwin.com/problems.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]