Greetings
I am trying to learn how to set up a small multilevel CA. Im using the openssl-1.0.1h. And the computer runs linux. I did the following: --A- generate rootCA openssl req \ -new \ -config openssl.cnf_ \ -out ROOTCAReq.pem \ -keyout ROOTCAKey.pem \ -B- generated a crl )r rootCA with openssl ca \ -gencrl \ -config openssl.cnf \ -out crl/crl01.pem \ -C- setup LEVEL1 CA with openssl req \ -new \ -config openssl.cnf \ -out level1/LEVELCAReq.pem \ -keyout level1/private/LEVEL1CAKey.pem \ ( then sign it with the ROOTCAkey. ) --D- created a certificate trust chain with cat ROOTCACert.pem level1/LEVEL1CACert.pem >\ TrustChainCACert.pem --E-- tried to generate crl for LEVEL1 CA with openssl ca \ -gencrl \ -crldays 60 \ -config openssl.cnf \ -keyfile LEVEL1CAKey.pem \ -out level1/crl/crl01.pem \ but I keep getting the following errors:- ################ Using configuration from openssl.cnf Error opening CA private key level1/private/LEVEL1CAKey.pem 139899027933056:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('level1/private/LEVEL1CAKey.pem','r') 139899027933056:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: unable to load CA private key ############## help would be apprecuiated sincerely luxInteg ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org