OpenSSL - error 18 at 0 depth lookup:self signed certificate

Question

I was trying to create a SSL certificate to use with MySQL as like mentioned here : http://dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html

While verifying the certificates I got the following error

  # openssl verify -CAfile ca-cert.pem server-cert.pem client-cert.pem     server-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = SATHISH, emailAddress = [email protected]     error 18 at 0 depth lookup:self signed certificate     OK     client-cert.pem: C = IN, ST = KERALA, L = COCHIN, O = ABCD, OU = OPERATIONAL, CN = sathish, emailAddress = [email protected]     error 18 at 0 depth lookup:self signed certificate     OK 

Could someone help me on generating keys without any errors based on the document in the above link.

Answer 1

I think you missed this part of the instructions:

Whatever method you use to generate the certificate and key files, the Common Name value used for the server and client certificates/keys must each differ from the Common Name value used for the CA certificate. Otherwise, the certificate and key files will not work for servers compiled using OpenSSL.

When OpenSSL prompts you for the Common Name for each certificate, use different names.