Hi, I'm currently in the process of creating a basic CA using the command-line openssl tool, and I'm currenly metting a strange behavior of the command. When I use :
openssl ca -config $dossier/$config -policy policy_match -out $dossier/subca/$filename.crt -days 3650 -infiles $dossier/requests/$filename.csr But finally say no when openssl asks me weither I want to sign the certificate or not, if I say no, the .crt file is generated anyway but is obviously invalid : [rootca@ca:~]$ openssl x509 -in subca/my_certificate.crt -noout -text unable to load certificate 18660:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE I took a look at the OpenSSL documentation but couldn't find why I meet this behaviour. Any highlights on this ? -- Eric Viseur
