Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Error opening CA private key on Ubuntu

I am trying to create a self-signed certificate using OpenSSL on Ubuntu 14.04. When I enter the command openssl ca -in tempreq.pem -out server_crt.pem, I get the following error:

Using configuration from /root/myCA/caconfig.cnf  
**Error opening CA private key** ~/myCA/private/cakey.pem  
139754719667872:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('~/myCA/private/cakey.pem','r')  
139754719667872:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:  
unable to load CA private key

I have already verified that nano ~/myCA/private/cakey.pem command opens the cakey.pem file, and that the read permission for this file is enabled.

Any help will be appreciated. Thanks!

like image 228
Neo_999 Avatar asked Jan 11 '15 19:01

Neo_999


1 Answers

You seem to be running as root, check that you haven't accidentally followed the instructions on the ubuntu.com OpenSSL article too literally and set the dir param in /root/myCA/caconfig.cnf to /home/root/myCA.

This as the root home dir differs from all other home directories by residing in the top folder. So if you have set it to /home/root/myCA, that is not valid, you have to change it to /root/myCA.

Edit (as this was the problem):

Using "~" in the configuration might not work as it might not be expanded properly by openssl. If you are, try use absolute paths instead.

like image 154
Nicklas Börjesson Avatar answered Oct 15 '22 03:10

Nicklas Börjesson