At 15:49 18-12-2006, you wrote:
So solved this problem.
First deinstall the openssl 0.9.8d than go to /usr/bin and form this catalog
delete openssl
after this install openssl form ports
Then try CA.pl (should works)
I did it on FreeBSD 6.0 release
regards
Maciej
Thanks Maciej!
I also deleted the openssl-dir in /usr/local -
just to be sure it was all gone...
Now it works.
Jeppe
Jeppe Bundsgaard wrote:
>
> I have just upgraded to FreeBSD 6.1 - hoping that it would solve the
> problem - but no...
> So I guess that even when reinstalling openssl the CA.pl-script
> remains the same - so how do I upgrade this script. Can I just find
> it on CVS and overwrite it?
> Jeppe
> At 09:05 18-12-2006, you wrote:
>>Which platform you're using? I tried openssl 0.9.8d in Fedora 3,
>>the same problem occurs.
>>Then I tried it on Cygwin (the same zip contents), everything work just
fine
>>
>>
>>-------- Original Message --------
>>Subject: Re:Creating CA problem
>>From: Jeppe Bundsgaard <[EMAIL PROTECTED]>
>>To: openssl-users@openssl.org
>>Date: Mon Dec 18 2006 05:02:34 GMT+0800
>>
>>>Hi
>>>I have the same problem. I have tried to deinstall and reinstall openssl
>>>(and manually deleting misc where CA.pl is located) - but I still get the
>>>error. What shall I do to get the newer version of CA.pl?
>>>Regards
>>>Jeppe
>>>MaciekZ wrote:
>>>>Thx it works pretty fine now.
>>>>Thx for your help
>>>>
>>>>Best regards
>>>>Maciek
>>>>
>>>>MaciekZ wrote:
>>>>>Hello everyone :)
>>>>>
>>>>>I have a problem with creating CA with CA.pl script
>>>>>
>>>>>Whenever I run ./CA-.pl -newca everything works fine until the script
>>>>>displays unknown option -create_serial
>>>>>%cd /usr/local/openssl/misc/
>>>>>%./CA.pl -newca
>>>>>
>>>>>CA certificate filename (or enter to create)
>>>>>
>>>>>Making CA certificate ...
>>>>>Generating a 1024 bit RSA private key
>>>>>.........++++++
>>>>>........++++++
>>>>>writing new private key to './demoCA/private/cakey.pem'
>>>>>Enter PEM pass phrase:
>>>>>Verifying - Enter PEM pass phrase:
>>>>>-----
>>>>>You are about to be asked to enter information that will be
incorporated
>>>>>into your certificate request.
>>>>>What you are about to enter is what is called a Distinguished Name or a
>>>>>DN.
>>>>>There are quite a few fields but you can leave some blank
>>>>>For some fields there will be a default value,
>>>>>If you enter '.', the field will be left blank.
>>>>>-----
>>>>>Country Name (2 letter code) [AU]:PL
>>>>>State or Province Name (full name) [Some-State]:Slaskie
>>>>>Locality Name (eg, city) []:Katowice
>>>>>Organization Name (eg, company) [Internet Widgits Pty Ltd]:Dom
>>>>>Organizational Unit Name (eg, section) []:WR
>>>>>Common Name (eg, YOUR name) []:Maciek
>>>>>Email Address []:[EMAIL PROTECTED]
>>>>>
>>>>>Please enter the following 'extra' attributes
>>>>>to be sent with your certificate request
>>>>>A challenge password []:
>>>>>An optional company name []:
>>>>>unknown option -create_serial
>>>>>usage: ca args
>>>>>
>>>>> -verbose - Talk alot while doing things
>>>>> -config file - A config file
>>>>> -name arg - The particular CA definition to use
>>>>> -gencrl - Generate a new CRL
>>>>> -crldays days - Days is when the next CRL is due
>>>>> -crlhours hours - Hours is when the next CRL is due
>>>>> -startdate YYMMDDHHMMSSZ - certificate validity notBefore
>>>>> -enddate YYMMDDHHMMSSZ - certificate validity notAfter (overrides
>>>>>-days)
>>>>> -days arg - number of days to certify the certificate for
>>>>> -md arg - md to use, one of md2, md5, sha or sha1
>>>>> -policy arg - The CA 'policy' to support
>>>>> -keyfile arg - private key file
>>>>> -keyform arg - private key file format (PEM or ENGINE)
>>>>> -key arg - key to decode the private key if it is encrypted
>>>>> -cert file - The CA certificate
>>>>> -in file - The input PEM encoded certificate request(s)
>>>>> -out file - Where to put the output file(s)
>>>>> -outdir dir - Where to put output certificates
>>>>> -infiles .... - The last argument, requests to process
>>>>> -spkac file - File contains DN and signed public key and
>>>>> challenge
>>>>> -ss_cert file - File contains a self signed cert to sign
>>>>> -preserveDN - Don't re-order the DN
>>>>> -noemailDN - Don't add the EMAIL field into certificate' subject
>>>>> -batch - Don't ask questions
>>>>> -msie_hack - msie modifications to handle all those universal
>>>>>strings
>>>>> -revoke file - Revoke a certificate (given in file)
>>>>> -subj arg - Use arg instead of request's subject
>>>>> -extensions .. - Extension section (override value in config file)
>>>>> -extfile file - Configuration file with X509v3 extentions to add
>>>>> -crlexts .. - CRL extension section (override value in config
>>>>> file)
>>>>> -engine e - use engine e, possibly a hardware device.
>>>>> -status serial - Shows certificate status given the serial number
>>>>> -updatedb - Updates db for expired certificates
>>>>>
>>>>>when I used CA.sh -newca the script insted of unknown option
>>>>>-create_serial dislayed unknown options -selfsign
>>>>>
>>>>>I didn't make any changes in files CA.pl CA.sh and openssl.cnf. What
>>>>>should I change in order to cretate CA ??
>>>>>Should I modify something?
>>>>>
>>>>>I'm using FreeBSD 6.0 RELASE #p15 with custom kernel and openssl-0.9.8d
>>>>>instaled form ports
>>>>>
>>>>>Thx for your time and help
>>>>>
>>>>>With regards
>>>>>
>>>>>Maciek
>>>>>
>>>>>
>>>>>
>>______________________________________________________________________
>>OpenSSL Project http://www.openssl.org
>>User Support Mailing List openssl-users@openssl.org
>>Automated List Manager [EMAIL PROTECTED]
>
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager [EMAIL PROTECTED]
>
>
--
View this message in context:
http://www.nabble.com/Creating-CA-problem-tf2723833.html#a7929966
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
Jeppe Bundsgaard
Adjunkt i Kommunikative Kompetencer
Danmarks Pædagogiske Universitet - The Danish
University of Education. http://www.dpu.dk
Institut for Curriculumforskning
Tuborgvej 164 - DK-2400 - København NV
Tlf.: +45 8888 9882
Email: [EMAIL PROTECTED]
Hjemmeside: http://www.jeppe.bundsgaard.net
Privat tlf.: 66 19 26 06
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]