[Touch-packages] [Bug 1422011] Re: CA.pl does not use CA_default dir in openssl.cnf correctly

Mon, 12 Dec 2016 07:56:09 -0800 

Here's the workaround I use for this.

 * Set everything apart from dir in openssl.conf
 * Create the CA
 * Rename the folder
 * Set dir to what you named the folder.

All subsequent operations like generating keys, signing certs etc. work
fine. It's just the initial CA generation that doesn't.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1422011

Title:
  CA.pl does not use CA_default dir in openssl.cnf correctly

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  I changed the CA directory to a different path in openssl.cnf:

  [ CA_default ]

  dir             = ./something_different

  CA.pl -newca will not work succeed.

  jan@x61s:~$ /usr/lib/ssl/misc/CA.pl -newca
  CA certificate filename (or enter to create)

  Making CA certificate ...
  Generating a 2048 bit RSA private key
  ...................+++
  ............................................+++
  writing new private key to './demoCA/private/cakey.pem'

  The key gets written to ./demoCA instead of ./something_different.
  CA.pl ignores setting in openssl.cnf until it changes its mind later
  in the process:

  [...]
  Using configuration from /usr/lib/ssl/openssl.cnf
  Enter pass phrase for ./demoCA/private/cakey.pem:
  I am unable to access the ./something_different/newcerts directory
  ./something_different/newcerts: No such file or directory
  jan@x61s:~$

  jan@x61s:~$ lsb_release -rd
  Description:    Ubuntu 14.04.1 LTS
  Release:        14.04
  jan@x61s:~$ apt-cache policy openssl
  openssl:
    Installiert:           1.0.1f-1ubuntu2.8
    Installationskandidat: 1.0.1f-1ubuntu2.8
    Versionstabelle:
   *** 1.0.1f-1ubuntu2.8 0
          500 http://de.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 
Packages
          500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 
Packages
          100 /var/lib/dpkg/status
       1.0.1f-1ubuntu2 0
          500 http://de.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1422011/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to