openssl create certificate and key

Question

[OpenSSL v1.1.0f]

I am using the following command to create a self-signed certificate, for test purposes only:

$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 10000 -nodes

However I get the messages like this:

Can't open /usr/local/ssl/openssl.cnf for reading, No such file or directory
140480609138432:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:74:fopen('/usr/local/ssl/openssl.cnf','r')
140480609138432:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:81:
Generating a 4096 bit RSA private key
..................................++
.................................................................................................................................................................................................................++
writing new private key to 'key.pem'
-----
unable to find 'distinguished_name' in config
problems making Certificate Request
140480609138432:error:0E06D06A:configuration file routines:NCONF_get_string:no conf or environment variable:crypto/conf/conf_lib.c:272:

What can I do to solve this?

Answer 1

Normally openssl would use a default config but seems like you don't have it at the right place. You can also pass a config file as a command line parameter. Note the -config option.

openssl req -x509 -config openssl.cnf -newkey rsa:4096 -keyout key.pem -out cert.pem -days 10000 -nodes