I want create restAPI with self-signed SSL.I install openSSl and want generate key with this command
openssl req -x509 -newkey rsa:4096 -nodes -out cert.pem -keyout key.pem -days 365
but I get error.
Can't open "C:\Program Files\OpenSSL-Win64\bin openssl.cfg" for reading, No such file or directory
202E0000:error:80000002:system library:BIO_new_file:No such file or directory:crypto\bio\bss_file.c:67:calling fopen(C:\Program Files\OpenSSL-Win64\bin openssl.cfg, r)
202E0000:error:10000080:BIO routines:BIO_new_file:no such file:crypto\bio\bss_file.c:75:
I try
set OPENSSL_CONF=C:\Program Files\OpenSSL-Win64\bin openssl.cfg
but it dont solve my problem
If the openssl.cfg is in ....\bin then the setting should be set OPENSSL_CONF=C:\Program Files\OpenSSL-Win64\bin\openssl.cfg, i.e. the last space in your setting should be instead a\
Related
I am trying to generate the Self-Signed SSL Certificate on windows local system by following steps: https://devcenter.heroku.com/articles/ssl-certificate-self#generate-ssl-certificate
But after running following command in OpenSSL:
x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
I am getting error:
8780:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expect ing: CERTIFICATE REQUEST
error in x509
How to solve this issue?
The command you search for is:
openssl req -x509 -newkey -sha256 -keyout key.pem -out cert.pem -days 365
As already mention in comments you need to tell openssl this is new key (-newkey)
How do l run the csr generation command on cmd.exe
openssl req -nodes -newkey rsa:2048 -keyout www_mydomain_com.key -out www_mydomain_com.csr -subj "/C=BB/ST=CCC/L=DDD/O=EEE./OU=IT/CN=mydomain.com"
Open cmd.exe, go to your OpenSSL installation folder, let's say "C:\OpenSSL", then go to "bin" and place your command.
So I was implementing rush in Orion Context Broker Server instance, and whenever I try to start the contextBroker with the following command:
contextBroker -rush localhost:1234 -https -key privkey.pem -cert cert.csr
, I'm getting the following error:
E#18:16:11 loadFile[1101]: error opening 'privkey.pem': No such file or directory
X#18:16:11 main[1258]: Error loading private server key from 'privkey.pem'
I generated my private key with the following command, I don't know if it's correct:
openssl genrsa -des3 -out privkey.pem 2048
And I generated my certificate with the following command:
openssl req -new -key privkey.pem -out cert.csr
Do I'm doing something wrong?
You have to use absolute path names, i.e.:
contextBroker -rush localhost:1234 -https -key /path/to/privkey.pem -cert /path/to/cert.csr
A note has been added to CLI commands documenation to make this clearer.
In addition, you may find useful the following script on how to generate the needed files:
...
openssl genrsa -out "$keyFileName" 1024 > /dev/null 2>&1
openssl req -days 365 -out "$certFileName" -new -x509 -key "$keyFileName" -subj "$OPTIONS" > /dev/null 2>&1
I would like to get SSL running on my subdomain api.rofulus.com
I checked out https://modulus.io/codex/projects/ssl
I created a certificate and key with:
openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csrls
I registered me on namecheap an bought a positiveSSL
https://www.namecheap.com/security/ssl-certificates/domain-validation.aspx
I uploaded the content of the server file to namecheap and I received 3 files:
api_rofulus_com.crt
PositiveSSLCA2.crt
AddTrustExternalCARoot.crt
But for custom SSL I need content of a key file. But my myserver.key is empty. So where or how can I get the key?
Thanks for help!
By using this command you have created certificate request server.csr:
openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr
To see the contents of the request you can use:
openssl req -noout -text -in server.csr
Then you have uploaded server.csr to namecheap and got your certificates.
If your private key (myserver.key) is empty then i think you somehow corrupted it. You can reissue you certificate with the new key and certificate request. Drop a line to namecheap support, i think they can resolve this situation.
Using Apache 2.2, SSL is configured. I am creating the key and temporary cert in command prompt. When I use
openssl genrsa -des3 -out server.key 1024
I am returned this output :
WARNING: can't open config file:
z:/strawberry_libs/build/2013Q3_/ssl/openssl. cnf error on line -1
of C:\Program Files\Apache Software Foundation\Apache2.2\conf\o
penssl.cnf
and then it creates the key.
So good and fine. The error is bothersome. Then I try to make the cert with
openssl req -new -key server.key -out server.csr
Now it shows an error and wont create it.
C:\temp>openssl req -new -key server.key -out server.csr WARNING:
can't open config file:
z:/strawberry_libs/build/2013Q3/ssl/openssl.cnf Unable to load
config info from z:/strawberry_libs/build/2013Q3/ssl/openssl.cnf
Not exactly sure how to proceed at this point as I can't get past this step for my assignment without the certification. If there is another way, or a way to correct the error that would be great.