Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (867)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3101)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2498)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "ca" Error "stateOrProvinceName field needed to be the same"
Why I am getting the "The stateOrProvinceName field needed to be the same in the CA certificate (...) and the request (...)" error when running OpenSSL "ca" command?
✍: FYIcenter.com
If you are running the OpenSSL "ca" command installed
with the slproweb binary package for Windows,
you may get the "The stateOrProvinceName field needed to be the same in the
CA certificate (...) and the request (...)" error as shown below:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt Using configuration from C:\local\OpenSSL-Win32\bin\openssl.cfg Enter pass phrase for my_ca.key: Check that the request matches the signature Signature ok The stateOrProvinceName field needed to be the same in the CA certificate (TX) and the request (NY) error in ca
This error is caused by the "stateOrProvinceName=match" option in the [policy_match] section in the configuration file. This option limits you to sign a CSR that has the same stateOrProvinceName as you CA certificate.
Fixing this error is easy. Just add "-policy policy_anything" option in the "ca" command to by-pass this requirement.
⇒ OpenSSL "ca" - Sign CSR with CA Certificate
2016-09-13, 4603👍, 0💬
Popular Posts:
How to download OpenSSL for Windows? I heard that OpenSSL is a nice free tool to manage keys and cer...
Certificate summary - Owner: EMAILADDRESS=root@localh ost.localdomain,localhost.localdomain, IT, MyC...
How to view a CRL in text format using the OpenSSL "crl" command? I want to see what certificates ar...
Certificate summary - Owner: www.gmx.net, GMX, 1&1 Mail & Media GmbH, L=Montabaur, ST=Rhinel...
How to delete a certificate from a certificate store with Microsoft "certutil" tool? If you want to ...