self signed certificate

self signed certificate

am 13.03.2003 14:12:23 von Jan Staschulat

Hi, I have problems creating a self signed certificate.
I'm using OpenSSL 0.9.7a on SunOS 5.7 sparc SUNW,Ultra-2
I went through the description of FAQ-page:
http://www.corserv.com/freebsd/apache-ssl-howto.html

OpenSSL quits with the error when I want to sign the server.csr:

$> openssl ca -config ca.config -out server.crt -infiles server.csr
....
Sign the certificate? [y/n]:y
failed to update database
TXT_DB error number 2

I searched on google and found the same question on the modssl-users
mailing list (Dez 2002) , which is still unanswered:

http://www.mail-archive.com/modssl-users@modssl.org/msg15877 .html


Any Ideas?

Jan

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: self signed certificate

am 13.03.2003 14:43:51 von Aaron Stromas

Jan Staschulat said:
> Hi, I have problems creating a self signed certificate.
> I'm using OpenSSL 0.9.7a on SunOS 5.7 sparc SUNW,Ultra-2
> I went through the description of FAQ-page:
> http://www.corserv.com/freebsd/apache-ssl-howto.html
>
> OpenSSL quits with the error when I want to sign the server.csr:
>
> $> openssl ca -config ca.config -out server.crt -infiles server.csr ...
> Sign the certificate? [y/n]:y
> failed to update database
> TXT_DB error number 2
>
> I searched on google and found the same question on the modssl-users
> mailing list (Dez 2002) , which is still unanswered:
>
> http://www.mail-archive.com/modssl-users@modssl.org/msg15877 .html
>
>
> Any Ideas?

My guess is you don't have the database file. On unix system do "touch ",
where is the value of the database in ca.config.

I also remember having to initialise the serial file: echo 00 > serial

HTH
>
> Jan
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org


--
Aaron Stromas | "Tik-tik-tik!!!... ja, Pantani is weg..."
ams@izoard.com | BRTN commentator
+1 (301) 493 4933 | L'Alpe d'Huez
http://www.izoard.com | 1995 Tour de France



____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org