OpenSSL "ca" Error "... directory for new certificate ..."
Why I am getting the "there needs to be defined a directory for new certificate to be placed in" error when running OpenSSL "ca" command?
You are getting the "there needs to be defined a directory for new certificate to be placed in" error, because OpenSSL "ca" command can not find the required "new_certs_dir" option in the configuration file.
For example, if you have the follow configuration file, test.cnf, without "new_certs_dir" option defined:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default
You will get an error, because "new_certs_dir" is a required option:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt -config test.cnf Using configuration from test.cnf Enter pass phrase for my_ca.key:fyicenter there needs to be defined a directory for new certificate to be placed in 5956:error:0E06D06C:configuration file routines:NCONF_get_string: no value:.\crypto\conf\conf_lib.c:324:group=my_ca_default name=new_certs_dir error in ca
Fixing this error is easy. Just add the "new_certs_dir" option in the section pointed by the "default_ca" option in the configuration file:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] new_certs_dir = ./my_ca/certs
Remember to create directory .\my_ca\certs, if it does not exist. A copy of each new certificate will be stored in this directory.
2016-09-09, 3737👍, 0💬
What is the ASN.1 (or ASN1) file structure supported by OpenSSL? ASN.1 (Abstract Syntax Notation One...
Where to click to get more Website information in Google Chrome? I want to know if the page I am int...
I need a certificate to connect my facebook-profile and my hotmail. I have not been able to find the...
How to use the "keytool -certreq" command? I have have created a new pair of public key and private ...
How to how generate a DER with a nested SEQUENCE ASN.1 structure using the OpenSSL "ans1parse" comma...