From: Ireneusz R. <jo...@wp...> - 2001-11-20 17:22:27
|
On Tue, 20 Nov 2001, Michael Bell wrote: > > i have SNAMP-20011105, is ot too old ? :) > I remember Massimiliano recommends 20011108+. So you should follow the > recommendation. Well, i just installed 20011119, should be right ? But still the same problem... Once again In logs (httpd-ca-error.log) there are: Generating RSA private key, 1024 bit long modulus ...........++++++ .++++++ e is 65537 (0x10001) Using configuration from /usr/local/OpenCA/conf/openssl/openssl.cnf unable to load Private Key Can't call method "getTXT" on an undefined value at cmds/genCAReq line 71, <FD> line 32. Compilation failed in require at /home/httpd/cgi-ca/ca line 169, <FD> line 32. I've done some tests and i found that: [root@jorgi private]# /usr/local/bin/openssl OpenSSL> genrsa -des 1024 Generating RSA private key, 1024 bit long modulus .................++++++ ....++++++ e is 65537 (0x10001) Enter PEM pass phrase: Verifying password - Enter PEM pass phrase: everything is ok, i have a key and: [root@jorgi private]# /usr/local/bin/openssl rsa -in cakey.pem -text -noout read RSA key unable to load key So it seems that openssl-SNAP-20011119 is buggy i think... I have done the same procedure with /usr/bin/openssl which is my stable OPENSSL and in last stage i have good answer form openssl: [root@jorgi private]# /usr/bin/openssl rsa -in cakey.pem -text read RSA key Enter PEM pass phrase: Private-Key: (2048 bit) modulus: 00:d5:51:85:c0:21:84:a5:7f:01:eb:46:1d:8e:49: [cut] In snap version, openssl even don't ask for the passphrase. I can not find SNAP-20011108 version of openssl so i can't test if it's ok. Could it be there something om my machine worth checking ? BTW: It seems that keys generated (in initalizing CA) are ok, becouse i can generate request using standard stable OpenSSL, etc. -- jorgi |