On Sat, Nov 15, 2014 at 06:16:12PM +0100, Joerg Schmitz wrote:
> 7.) Sign the certificate with the CA
> openssl ca -days 365 -in test/certs/caRequest.csr -out
> test/newcerts/caRequest.pem -policy policy_anything
> Using configuration from /home/joerg/cacerts/myca/openssl.cnf
> Enter pass phrase for /home/joerg/cacerts/myca/test/private/cakey.pem:
> unable to load certificate
> 140116933408416:error:0906D06C:PEM routines:PEM_read_bio:no start
> line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
> ~~/cacerts/myca$
Your cakey.pem file contains only the key, without the accompanying
self-signec CA certficate. Append the CA's certificate to the
key file, or make sure the CA certificate is configured to be read
from the correct file.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
