Hi All,
I am working on an OpenSSL program i found on the linuxjournal <http://www.linuxjournal.com/article/4822> the program seems to work ok, except for the fact that the certificates have expired! So i looked up numerous tutorials on CA.pl in order to create my own certificates, however im still having trouble. Description: I create a CA via - perl CA.pl -newca (everything seems grand) cp demoCA/cacert.pem root.pem (i think this is correct, should it be root.pem) Now i have my CA authority and my CA authority set up and my root.pem I dont really know what dh1024.pem is so i just used the version shipped with it ........ cp ORIGS/dh1024.pem Setting up my server.pem - perl CA.pl -newreq I give the server all the same info as given the CA inc Comman Name Then i sign it - perl CA.pl -sign Now i copy the RSA private key part of newreq.pem to server.pem and the Certificate part of newcert to server.pem So when i try start up the wserver i get the following error: bash-2.05$ wserver Can't read key file 25817:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:438: 25817:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:421: 25817:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:707: bash-2.05$ However, when i use your certs that you posted on : http://www.mail-archive.com/openssl-dev@openssl.org/msg19236.html It does not give me this error (it gives me some Common Name error later in the code but i presume this is normal as they are not my certs). Can i ask what you did to set up your certs that i did not do? Any help would be very much appreciated. Thank you, Mark Warren ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
