----- Original Message ----- From: "George A. Theall" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Sunday, February 09, 2003 5:48 PM Subject: Re: nessus-mkcert failing
On Sun, Feb 09, 2003 at 11:35:16PM +0000, [EMAIL PROTECTED] wrote: > My output from rpm -qa | grep -i ssl is: > openssl-0.9.6-3 ... > openssl-devel-0.9.6-3 ... > openssl095a-0.9.5a-1 >What is this last one? That is, what does "rpm -qi openssl095a" >produce? Name : openssl095a Relocations: (not relocateable) Version : 0.9.5a Vendor: Red Hat, Inc. Release : 1 Build Date: Fri 02 Mar 2001 06:19:29 PM PST Install date: Sat 08 Feb 2003 08:57:10 AM PST Build Host: porky.devel.redhat.com Group : System Environment/Libraries Source RPM: openssl095a-0.9.5a-1.src.rpm Size : 1589362 License: BSDish Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://www.openssl.org/ Summary : The OpenSSL toolkit. Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. I think you may be right, and I am not certain how that happened, unless I forgot to check if an older version was installed before installing the new one. >It looks like you may have two versions of OpenSSL installed. > > > Then asks if I want to save output to /root/openssl-output, which I > > > do, I find in there that the keys are not created. > > > > That file should contain stderr output from running the OpenSSL commands > > for generating your CA and server requests, keys and certs. What does > > it look like? You didn't answer this. Generating RSA private key, 1024 bit long modulus ..++++++ ........++++++ e is 65537 (0x10001) Using configuration from /tmp/nessus-mkcert.1401/std.cnf You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [FR]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:problems making Certificate Request 1421:error:0D11A0A3:asn1 encoding routines:ASN1_mbstring_copy:string too long:a_mbstr.c:154:maxsize=64 Generating RSA private key, 1024 bit long modulus ................++++++ ................................................++++++ e is 65537 (0x10001) Using configuration from /tmp/nessus-mkcert.1401/std.cnf You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [FR]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Using configuration from /tmp/nessus-mkcert.1401/std.cnf /usr/local/com/nessus/CA/cacert.pem: No such file or directory trying to load CA certificate 1425:error:02001002:system library:fopen:No such file or directory:bss_file.c:245:fopen('/usr/local/com/nessus/CA/cacert.pem','r') 1425:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:247: Does this clear some things up George? I am noting that it appears to have a problem finding certain system libraries, but I installed all the libraries. I am perplexed. But refuse to give up. With some direction I know I can get through this part. I do appreciate the assistance. Shawn
