E:\WebServ\apache2\bin>openssl req -new -key server.key -out server.cs
Unable to load config info from C:/WebServ/apache2/bin/openssl.cnf
So where or how do I set the path to point to the real location? Is it some variable of the openssl command or is it a environmental variable I set?
The user manual just implicitly refers to stuff and gives random examples. Where are the proper MAN pages for this thing that would explicitly state things like how to set the default path etc?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
E:\WebServ\apache2\bin>openssl ca -config E:\WebServ\apache2\bin\openssl.cnf
Using configuration from E:\WebServ\apache2\bin\openssl.cnf
Loading 'screen' into random state - done
Error opening CA private key ./demoCA/private/cakey.pem
2668:error:02001003:system library:fopen:No such process:.\crypto\bio\bss_file.c
:349:fopen('./demoCA/private/cakey.pem','rb')
2668:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:35
1:
unable to load CA private key
I can see now that the mod_ssl package that comes with the WebServ isn't as simple as setting up configuring Apache - there seems to be an awful lot of stuff - files, whole directories, missing...? Is there any hope?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I created a CA and used that to create certificates. I've edited the ssl.conf and httpd.conf accordingly but I still don't see any improvement. However now I'm out of error messages. Restarting Apache doesn't produce any error messages regarding ssl. Except it doesn't listen to 443 and obviously doesn't respond to https requests - all I get is...
E:\WebServ\apache2\bin>openssl s_client -connect localhost:443 -state -debug
Loading 'screen' into random state - done
connect: Bad file descriptor
connect:errno=10061
can anyone suggest a log files to look into or a debug modes to enable to get some idea of what's going on...
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
its seaching the wrong place...
E:\WebServ\apache2\bin>openssl req -new -key server.key -out server.cs
Unable to load config info from C:/WebServ/apache2/bin/openssl.cnf
So where or how do I set the path to point to the real location? Is it some variable of the openssl command or is it a environmental variable I set?
The user manual just implicitly refers to stuff and gives random examples. Where are the proper MAN pages for this thing that would explicitly state things like how to set the default path etc?
E:\WebServ\apache2\bin>openssl ca -config E:\WebServ\apache2\bin\openssl.cnf
Using configuration from E:\WebServ\apache2\bin\openssl.cnf
Loading 'screen' into random state - done
Error opening CA private key ./demoCA/private/cakey.pem
2668:error:02001003:system library:fopen:No such process:.\crypto\bio\bss_file.c
:349:fopen('./demoCA/private/cakey.pem','rb')
2668:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:35
1:
unable to load CA private key
I can see now that the mod_ssl package that comes with the WebServ isn't as simple as setting up configuring Apache - there seems to be an awful lot of stuff - files, whole directories, missing...? Is there any hope?
I created a CA and used that to create certificates. I've edited the ssl.conf and httpd.conf accordingly but I still don't see any improvement. However now I'm out of error messages. Restarting Apache doesn't produce any error messages regarding ssl. Except it doesn't listen to 443 and obviously doesn't respond to https requests - all I get is...
E:\WebServ\apache2\bin>openssl s_client -connect localhost:443 -state -debug
Loading 'screen' into random state - done
connect: Bad file descriptor
connect:errno=10061
can anyone suggest a log files to look into or a debug modes to enable to get some idea of what's going on...
1º verify the certificates
openssl verify [-CApath directory] [-CAfile file] [-purpose purpose] [-untrusted file] [-help] [-issuer_checks] [-verbose] [-] [certificates]
example:
openssl verify -CAfile CA.CRT client.CRT
openssl verify -CAfile CA.CRT server.CRT