Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (83)
EC Keys (2463)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6626)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5339)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "x509 -req" - Error "my_ca.srl: No error"
Why I am getting the "my_ca.srl: No error" error when trying to sign a CSR with OpenSSL "x509" command?
✍: FYIcenter.com
You are getting the "my_ca.srl: No error" error when using OpenSSL "x509" command to sign a CSR, because OpenSSL is not able to access the default serial number file: my_ca.srl.
When using "x509" command to sign CSR, you have to use the following options to help OpenSSL to manage how serial number should be provided to the new certificates.
The test shows you how to create a default serial number file:
C:\Users\fyicenter>copy CON my_ca.srl 1000 <Ctrl-Z> C:\Users\fyicenter>copy CON my_ca.srl 613 my_ca.crl 1,094 my_ca.crt 1,041 my_ca.key C:\Users\fyicenter>\local\OpenSSL\openssl OpenSSL> x509 -req -in my_rsa.csr -CA my_ca.crt -CAkey my_ca.key -out my_rsa.crt Signature ok subject=/C=us/ST=NY/L=New York/O=Donald Inc./OU=IT/CN=www.donald.inc/emailAddres s=john@donald.inc Getting CA Private Key Enter pass phrase for my_ca.key: OpenSSL> x509 -in my_rsa.crt -serial -noout serial=1001
⇒ OpenSSL "x509 -pubkey" - Export Public Key"
2018-02-08, 12628🔥, 0💬
Popular Posts:
How to export my private key and public key pair with it's certificates into a PKCS #12 keystore fil...
Certificate Summary: Subject: ZeroSSL RSA Domain Secure Site CA Issuer: USERTrust RSA Certification ...
Certificate summary - Owner: PositiveSSL CA 2, COMODO CA Limited, L=Salford, ST=Greater Manchester, ...
Certificate summary - Owner: EMAILADDRESS=rsakeonroot sign@rsasecurity.com,RSA Public Root CA v1, RS...
The policy of a certification authority (CA) determines the types of certificates a user can request...