Hi all, I'm rather new to openssl and I'm trying to generate a certificate with the following commands: openssl req -new -config openssl.cnf -out \ intermail_ca_cert_request.pem -keyout intermail_ca_privkey.pem # openssl x509 -req -in intermail_ca_cert_request.pem \ -signkey intermail_ca_privkey.pem -extfile openssl.cnf -extensions v3_ca \ -out intermail_ca_cert.pem # openssl x509 -in intermail_ca_cert.pem -out intermail_ca_cert.out \ -CAkey intermail_ca_privkey.pem -CA intermail_ca_cert.pem \ -CAserial serial -days 500 Unfortunatly the last command generate the following error: error with certificate to be certified - should be self signed I don't anderstand what I'm doing wrong. The whole output looks like following: wcwe00qf # sh gencert.sh Using configuration from openssl.cnf Generating a 1024 bit RSA private key ........................................++++++ .....................................++++++ writing new private key to 'intermail_ca_privkey.pem' Enter PEM pass phrase: Verifying password - Enter PEM pass phrase: ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [CH]: State or Province Name (full name) [BE]: Locality Name (eg, city) [Bern]: Organization Name (eg, company) [Swisspost]: Organizational Unit Name (eg, section) [ITS2]: Organizational Unit Name (eg, section) [maurerf]: Common Name (eg, YOUR name) [[EMAIL PROTECTED]]: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: Signature ok subject=/C=CH/ST=BE/L=Bern/O=Swisspost/OU=ITS2/CN=maurerf/Email=maurerf@post .ch Getting Private key Enter PEM pass phrase: Getting CA Private Key Enter PEM pass phrase: error with certificate to be certified - should be self signed wcwe00qf # Any hints are greatly appreciated. __________________________________________________ Felix Maurer Die Schweizerische Post Tel: +41-31-338 98 49 Information Technologie Services Fax: +41-31-338 98 80 Messaging Management Webergutstrasse 12 Mailto:[EMAIL PROTECTED] CH-3030 Bern http://www.post.ch http://www.ymail.ch __________________________________________________ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
