在Centos创建openssl证书失败。提示“/etc/pki/CA/index.txt: No such file or directory“

报错信息如下

Using configuration from /etc/pki/tls/openssl.cnf
Enter pass phrase for ca.key:
/etc/pki/CA/index.txt: No such file or directory
unable to open '/etc/pki/CA/index.txt'
139883256969032:error:02001002:system library:fopen:No such file or directory:bss_file.c:355:fopen('/etc/pki/CA/index.txt','r')
139883256969032:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:357:

解决方法

  1. 创建index.txt文件
#touch /etc/pki/CA/index.txt
  1. Create a serial file to label the CA and all subsequent certificates.
#echo '1000' > /etc/pki/CA/serial
  1. 重新生成证书
[root@158 tls]# openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key -extensions v3_req -config openssl.cnf
Using configuration from openssl.cnf
Enter pass phrase for ca.key:
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 4097 (0x1001)
        Validity
            Not Before: Mar  1 03:16:55 2021 GMT
            Not After : Mar  1 03:16:55 2022 GMT
        Subject:
            countryName               = xx
            stateOrProvinceName       = xx
            organizationName          = xx
            organizationalUnitName    = xx
            commonName                = 192.168.1.10
            emailAddress              = xx@qq.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: 
                Digital Signature, Non Repudiation, Key Encipherment
Certificate is to be certified until Mar  1 03:16:55 2022 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
最后修改:2021 年 03 月 01 日 11 : 41 AM
如果觉得我的文章对你有用,请随意赞赏