Collections:
Other Resources:
OpenSSL "ca" Error "lookup failed for ca::database"
Why I am getting the "variable lookup failed for ca::database" error when running OpenSSL "ca" command?
✍: FYIcenter.com
You are getting the "variable lookup failed for ca::database" error,
because OpenSSL "ca" command can not find the required "database" option
in the configuration file.
For example, if you have the follow configuration file, test.cnf, without "database" option defined:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] new_certs_dir = ./my_ca/certs
You will get an error, because "database" is a required option:
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt -config test.cnf Using configuration from test.cnf Enter pass phrase for my_ca.key:fyicenter variable lookup failed for my_ca_default::database 2896:error:0E06D06C:configuration file routines:NCONF_get_string: no value:.\crypto\conf\conf_lib.c:324:group=my_ca_default name=database error in ca
Fixing this error is easy. Just add the "database" option in the section pointed by the "default_ca" option in the configuration file:
C:\Users\fyicenter>type test.cnf # Unnamed section of generic options # section for the "default_ca" option [ca] default_ca = my_ca_default # default section for "ca" command options [my_ca_default] new_certs_dir = ./my_ca/certs database = ./my_ca/certs.db
Remember to create empty file .\my_ca\certs.db, if it does not exist. This database file will be used to track each new certificate and revoked certificate.
⇒ OpenSSL "ca" Error "lookup failed for ca::default_md"
⇐ OpenSSL "ca" Error "... directory for new certificate ..."
2016-09-08, 16🔥, 0💬
Popular Posts:
Certificate summary - Owner: VeriSign Class 3 Public Primary Certification Authority - G5, "(c) 2006...
Certificate summary - Owner: *.allrecipes.com, allrecipes.com, L=Seattle, ST=Washington, US Issuer: ...
Certificate summary - Owner: *.b.ssl.fastly.net, "Fastly, Inc.", L=San Francisco, ST=California, US ...
Certificate summary - Owner: *.dropbox.com, "Dropbox, Inc.", L=San Francisco, ST=California, US Issu...
How to generate a new DH key pair with a longer key size using OpenSSL "genpkey" command? If you nee...