OpenSSL "ca" - "error while loading serial number"
Why I am getting the "error while loading serial number" error when running OpenSSL "ca" command?
✍: FYIcenter.com
If you are running the OpenSSL "ca" command installed
with the slproweb binary package for Windows,
you may get the "error while loading serial number" error as shown below:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe
OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt
Using configuration from C:\local\OpenSSL-Win32\bin\openssl.cfg
Enter pass phrase for my_ca.key:
./demoCA/serial: No error
error while loading serial number
5016:error:02001002:system library:fopen:No such file or directory:
.\crypto\bio\bss_file.c:398:fopen('./demoCA/serial','rb')
5016:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:400:
error in ca
This error is caused by the "dir=./demoCA" and "serial=$dir/serial" options in the configuration file. These options requires you to have a file called "\demoCA\serial" under the current directory to be used as a serial number register. You have to set an initial value like "1000" in the file. After that OpenSSL will increment the value each time a new certificate is generated.
Fixing this error is easy. Just create the serial number file: ./demoCA/serial, as shown below:
C:\Users\fyicenter>copy CON demoCA\serial
1000
<Ctrl>-Z
1 file(s) copied.
C:\Users\fyicenter>dir demoCA\serial
10:27 PM 6 index.txt
Note that the value 1000 is a hexadecimal format, which is 4096 in decimal format.
Also note that press <Ctrl>-Z is to end the input stream to finish the copy command.
⇒ OpenSSL "ca" Error "stateOrProvinceName field needed to be the same"
2016-09-13, 6766👍, 0💬