Re: Error reading private key file

Thu, 14 Aug 2003 20:49:52 -0700 

 linux> hi all,I'v port openssl to vxworks with wind web server
 linux> successfully.  but doday I refer to another board which I run
 linux> my application on.

 linux> I download the all needed pem file to the flash memory,but I
 linux> boot my board,I find error below:

 linux> sslCertificateInit: Error reading private key file -
 linux> error:0906D06C:PEM routines:PEM_read_bio:no start line
 linux> sslLibServerInit: Could not initialize site certificate.

 linux> I don't know what is wrong,it seems i change nothing:(

I am not an OpenSSL coder.  However, 

 cd crypto/pem
 grep "no start line" *.c

 pem_err.c:{PEM_R_NO_START_LINE,"no start line"},

 grep PEM_R_NO_START_LINE *.c

 pem_err.c:{PEM_R_NO_START_LINE,"no start line"},
 pem_info.c:    if (error == PEM_R_NO_START_LINE)
 pem_lib.c:             PEM_R_NO_START_LINE)
 pem_lib.c:     PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);

Look at the grep output and it seem the last line is one to look at.
>From the code, it looks like the file does not exist.  I am not sure
if the vxWorks "stat" would work like the OpenSSL coders think?  I
guess that you are using DosFs as a file system?

Two things are possible, you have given the wrong file name (or
non-existant).  The OpenSSL code may continue due to some
idiosyncratic feature of vxWorks.  For instance an
open(xxxx,RD_ONLY,0) might return an FD for a non-existent file, etc.
So check that you have the correct path.

If the file does exist, it might be that you have a DOS line ending.
It looks like the code is using sequences like this,

    "if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)"

If the file is open as "text", this would work fine where
"host==target".  However, it is possible that you are developing
vxWorks on NT and the vxWorks function default to Unix.  Check the
mode of the PEM file to verify that it is Unix format.

I guess you are using a PPC target?  I asked a few month ago how to
change the configure so that I could use "ararm", "ldarm", etc.  These
special cross binutils are needed as the host object format is not the
same as the target object format.

fwiw,
Bill Pringlemeir.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to