Reputation: 161
Error opening CA private key on Ubuntu
I am trying to create a self-signed certificate using OpenSSL on Ubuntu 14.04.
When I enter the command openssl ca -in tempreq.pem -out server_crt.pem, I get the following error:
Using configuration from /root/myCA/caconfig.cnf
**Error opening CA private key** ~/myCA/private/cakey.pem
139754719667872:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('~/myCA/private/cakey.pem','r')
139754719667872:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load CA private key
I have already verified that nano ~/myCA/private/cakey.pem command opens the cakey.pem file, and that the read permission for this file is enabled.
Any help will be appreciated. Thanks!
Upvotes: 9
Views: 24925
Answers (1)
Reputation: 433
You seem to be running as root, check that you haven't accidentally followed the instructions on the ubuntu.com OpenSSL article too literally and set the dir param in /root/myCA/caconfig.cnf to /home/root/myCA.
This as the root home dir differs from all other home directories by residing in the top folder. So if you have set it to /home/root/myCA, that is not valid, you have to change it to /root/myCA.
Edit (as this was the problem):
Using "~" in the configuration might not work as it might not be expanded properly by openssl. If you are, try use absolute paths instead.
Upvotes: 7
Related Questions
- Openssl : error "self signed certificate in certificate chain"
- Can't get private key with openssl (no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY)
- Unable to open SSL private key [Expecting: TRUSTED CERTIFICATE]
- Error opening CA private key when Create the intermediate pair
- OpenSSL: Unable to Load Certificate
- openssl Unable to load private key PEM_do_header:bad decrypt
- OpenSSL Private Key Error when creating P12 Certificate
- "Error opening CA private key" on Windows
- OpenSSL certificate error
- Error when check private key with certificate