Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (922)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3189)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2561)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL "ca" Error "lookup failed for ca::database"
Why I am getting the "variable lookup failed for ca::database" error when running OpenSSL "ca" command?
✍: FYIcenter.com
You are getting the "variable lookup failed for ca::database" error,
because OpenSSL "ca" command can not find the required "database" option
in the configuration file.
For example, if you have the follow configuration file, test.cnf, without "database" option defined:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] new_certs_dir = ./my_ca/certs
You will get an error, because "database" is a required option:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt -config test.cnf Using configuration from test.cnf Enter pass phrase for my_ca.key:fyicenter variable lookup failed for my_ca_default::database 2896:error:0E06D06C:configuration file routines:NCONF_get_string: no value:.\crypto\conf\conf_lib.c:324:group=my_ca_default name=database error in ca
Fixing this error is easy. Just add the "database" option in the section pointed by the "default_ca" option in the configuration file:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] new_certs_dir = ./my_ca/certs database = ./my_ca/certs.db
Remember to create empty file .\my_ca\certs.db, if it does not exist. This database file will be used to track each new certificate and revoked certificate.
⇒ OpenSSL "ca" Error "lookup failed for ca::default_md"
⇐ OpenSSL "ca" Error "... directory for new certificate ..."
2016-09-08, 13522👍, 0💬
Popular Posts:
Certificate Summary: Subject: thawte Primary Root CA - G2 Issuer: thawte Primary Root CA - G2 Expira...
Certificate summary - Owner: Baltimore CyberTrust Root, CyberTrust, Baltimore, IE Issuer: GTE CyberT...
Certificate Summary: Subject: RapidSSL SHA256 CA - G4 Issuer: GeoTrust Primary Certification Authori...
Certificate summary - Owner: www.xing.com, COMODO EV SSL, Comodo EV SSL, XING AG, STREET=Dammtorstra...
Certificate Summary: Subject: DigiCert SHA2 Secure Server CA Issuer: DigiCert Global Root CA Expirat...