OpenSSL - OpenSSL "ca" Error "stateOrProvinceName field needed to be the same"

OpenSSL "ca" Error "stateOrProvinceName field needed to be the same"

Q

Why I am getting the "The stateOrProvinceName field needed to be the same in the CA certificate (...) and the request (...)" error when running OpenSSL "ca" command?

✍: FYIcenter.com

A

If you are running the OpenSSL "ca" command installed with the slproweb binary package for Windows, you may get the "The stateOrProvinceName field needed to be the same in the CA certificate (...) and the request (...)" error as shown below:

C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe

OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt
Using configuration from C:\local\OpenSSL-Win32\bin\openssl.cfg
Enter pass phrase for my_ca.key:
Check that the request matches the signature
Signature ok
The stateOrProvinceName field needed to be the same in the
CA certificate (TX) and the request (NY)
error in ca

This error is caused by the "stateOrProvinceName=match" option in the [policy_match] section in the configuration file. This option limits you to sign a CSR that has the same stateOrProvinceName as you CA certificate.

Fixing this error is easy. Just add "-policy policy_anything" option in the "ca" command to by-pass this requirement.

⇒ OpenSSL "ca" - Sign CSR with CA Certificate

⇐ OpenSSL "ca" - "error while loading serial number"

⇑ OpenSSL "ca" Command

⇑⇑ OpenSSL Tutorials

2016-09-13, 2471👍, 0💬

OpenSSL "ca" Error "unable to open ./demoCA/index.txt"
Why I am getting the "unable to open './demoCA/index.txt'" error when running OpenSSL "ca" command? If you are running the OpenSSL "ca" command installed with the slproweb binary package for Windows, you may get the "unable to open './demoCA/index.txt'" error as shown below: C:\Users\fyicenter&g... 2016-09-18, 8994👍, 0💬

OpenSSL "ca" Error "stateOrProvinceName field needed to be the same"
Why I am getting the "The stateOrProvinceName field needed to be the same in the CA certificate (...) and the request (...)" error when running OpenSSL "ca" command? If you are running the OpenSSL "ca" command installed with the slproweb binary package for Windows, you may get the "The stateOrProvin... 2016-09-13, 2472👍, 0💬

OpenSSL "ca" - Sign CSR with CA Certificate
How to sign a CSR with my CA certificate and private key using OpenSSL "ca" command? I think my configuration file has all the settings for the "ca" command. If you have you configuration file ready and all the required directories and files created, you can sign a CSR with your CA certificate and p... 2016-09-13, 1143👍, 0💬

OpenSSL "ca" - Track CSR Signing History
How to track CSR certificate signing history? I want to know how many CSR I have signed with the OpenSSL "ca" command so far. OpenSSL "ca" command automatically tacks your CSR signing history for you. Each time you sign a CSR and generate a new certificate, it will: Save a copy of the new certificat... 2016-09-13, 1020👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.