OpenSSL "ca" - "error while loading CRL number"
Why I am getting the "error while loading CRL number" error when running OpenSSL "ca -gencrl" command?
If you are running the OpenSSL "ca -gencrl" command installed with the slproweb binary package for Windows, you may get the "error while loading CRL number" error as shown below:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -gencrl -keyfile my_ca.key -cert my_ca.crt Using configuration from C:\local\OpenSSL-Win32\bin\openssl.cfg Enter pass phrase for my_ca.key:fyicenter ./demoCA/crlnumber: No such file or directory error while loading CRL number 2508:error:02001002:system library:fopen:No such file or directory: .\crypto\bio\bss_file.c:398:fopen('./demoCA/crlnumber','rb') 2508:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c: 400:error in ca
This error is caused by the "dir=./demoCA" and "crlnumber=$dir/crlnumber" options in the configuration file. These options requires you to have a file called "\demoCA\crlnumber" under the current directory to be used as a CRL number register. You have to set an initial value like "1000" in the file. After that OpenSSL will increment the value each time a new certificate is generated.
Fixing this error is easy. Just create the serial number file: ./demoCA/crlnumber, as shown below:
C:\Users\fyicenter>copy CON demoCA\crlnumber 1000 <Ctrl>-Z 1 file(s) copied. C:\Users\fyicenter>dir demoCA\crlnumber 10:27 PM 6 crlnumber
Note that the value 1000 is a hexadecimal format, which is 4096 in decimal format.
Also note that press <Ctrl>-Z is to end the input stream to finish the copy command.
2016-09-10, 4095👍, 0💬
After signing for the Root and Intermediate CA. when i try to sign a server_cert the following error...
Certificate summary - Owner: Baltimore CyberTrust Root, CyberTrust, Baltimore, IE Issuer: GTE CyberT...
How can I use Mozilla "certutil -V" command? What are command options supported by "certutil -V"? Th...
Certificate summary - Owner: *.xunlei.com, System engineering department, ShenZhen Thunder Networkin...
Certificate Summary: Subject: signin.ebay.com Issuer: VeriSign Class 3 Extended Validation SSL CA Ex...