Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (83)
EC Keys (2415)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (6558)
Revoked Certificates (16)
Root CA (85)
RSA Keys (5292)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "ca" Error "... directory for new certificate ..."
Why I am getting the "there needs to be defined a directory for new certificate to be placed in" error when running OpenSSL "ca" command?
✍: FYIcenter.com
You are getting the "there needs to be defined a directory for new certificate to be placed in" error, because OpenSSL "ca" command can not find the required "new_certs_dir" option in the configuration file.
For example, if you have the follow configuration file, test.cnf, without "new_certs_dir" option defined:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default
You will get an error, because "new_certs_dir" is a required option:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt -config test.cnf Using configuration from test.cnf Enter pass phrase for my_ca.key:fyicenter there needs to be defined a directory for new certificate to be placed in 5956:error:0E06D06C:configuration file routines:NCONF_get_string: no value:.\crypto\conf\conf_lib.c:324:group=my_ca_default name=new_certs_dir error in ca
Fixing this error is easy. Just add the "new_certs_dir" option in the section pointed by the "default_ca" option in the configuration file:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] new_certs_dir = ./my_ca/certs
Remember to create directory .\my_ca\certs, if it does not exist. A copy of each new certificate will be stored in this directory.
⇒ OpenSSL "ca" Error "lookup failed for ca::database"
2016-09-09, 12370👍, 0💬
Popular Posts:
Certificate summary - Owner: twitter.com, Twitter Security, "Twitter, Inc.", STREET="795 Folsom St, ...
Certificate summary - Owner: *.rapidgator.net, Domain Control Validated - RapidSSL(R), See www.rapid...
Certificate summary - Owner: *.myntra.com, Domain Control Validated Issuer: SERIALNUMBER=07969287, G...
Certificate Summary: Subject: *.wikipedia.org Issuer: RapidSSL CA Expiration: 2016-07-19 06:17:12 UT...
Certificate summary - Owner: *.blogger.com, Google Inc, L=Mountain View, ST=California, US Issuer: G...