Re: error while generating Certificate Signing Request
It looks like your missing the openssl.cnf file or maybe the my_key.key file. Double check your config file and command line parameters. From: PRIYARANJAN NAYAK Sent: Tuesday, October 23, 2012 3:03 AM To: openssl-users@openssl.org Subject: error while generating Certificate Signing Request Hi ALL, -- First I generate private key i.e my_key.key,then I am trying to Generate a Certificate Signing Request: while generating .csr file I faced this error . C:\C:\tmp_open_ssl\bin\openssl.exe req -new -key my_key.key -out my_request.csr -config C:\tmp_open_ssl\ssl\openssl.cnf WARNING: can't open config file: c:/tmp_open_ssl;/ssl/openssl.cnf Error opening Private Key my_key.key 3464:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:398:fopen('my_key.key','rb') 3464:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:400:unable to load Private Key Can any one help me about this error Thanks Priyaranjan
Re: error while generating Certificate Signing Request
Hello, Not sure this will help, but at first glance it seems that you have made a mistake is setup; c:/tmp_open_ssl;/ssl/openssl.cnf = Try this instead c:/tmp_open_ssl/ssl/openssl.cnf and ofc, check that that's where your config file is. Regards 2012/10/23 Sanford Staab sanfo...@gmail.com It looks like your missing the openssl.cnf file or maybe the my_key.key file. Double check your config file and command line parameters. *From:* PRIYARANJAN NAYAK priyaranjan4...@gmail.com *Sent:* Tuesday, October 23, 2012 3:03 AM *To:* openssl-users@openssl.org *Subject:* error while generating Certificate Signing Request Hi ALL, -- First I generate private key i.e my_key.key,then I am trying to Generate a Certificate Signing Request: while generating .csr file I faced this error . C:\C:\tmp_open_ssl\bin\openssl.exe req -new -key my_key.key -out my_request.csr -config C:\tmp_open_ssl\ssl\openssl.cnf WARNING: can't open config file: c:/tmp_open_ssl;/ssl/openssl.cnf Error opening Private Key my_key.key 3464:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:398:fopen('my_key.key','rb') 3464:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:400:unable to load Private Key Can any one help me about this error Thanks Priyaranjan
Re: Compiling open ssl source code in Visual studio 2008
NMAKE : fatal error U1052: file 'ms\nt.mak;' not found You must set up right paths to nmake and others in the system environment variable PATH From: PRIYARANJAN NAYAK Sent: Tuesday, October 23, 2012 8:09 AM To: openssl-users@openssl.org Subject: Re: Compiling open ssl source code in Visual studio 2008 Hi Tom, After running ms\do_ms.bat,the output comes like C:\tmp_open_sslms\do_ms.bat; C:\tmp_open_sslperl util\mkfiles.pl 1MINFO C:\tmp_open_sslperl util\mk1mf.pl no-asm VC-WIN32 1ms\nt.mak C:\tmp_open_sslperl util\mk1mf.pl dll no-asm VC-WIN32 1ms\ntdll.mak C:\tmp_open_sslif x == x goto skipce C:\tmp_open_sslperl util\mkdef.pl 32 libeay 1ms\libeay32.def C:\tmp_open_sslperl util\mkdef.pl 32 ssleay 1ms\ssleay32.def When I am trying to run nmake -f ms\nt.mak ,the below error is coming C:\tmp_open_sslnmake -f ms\nt.mak; Microsoft (R) Program Maintenance Utility Version 9.00.21022.08 Copyright (C) Microsoft Corporation. All rights reserved. NMAKE : fatal error U1052: file 'ms\nt.mak;' not found Stop. Thanks Priyaranjan On Mon, Oct 22, 2012 at 9:30 PM, Floodeenjr, Thomas thomas_floodee...@mentor.com wrote: Priyaranjan, Did you run ms\do_ms.bat in between the configure and the nmake command? -Tom Thomas Floodeen, Jr. Mentor Graphics BSD 720.494.1133 From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of PRIYARANJAN NAYAK Sent: Monday, October 22, 2012 3:33 AM To: openssl-users@openssl.org Subject: Compiling open ssl source code in Visual studio 2008 Hi ALL, I am trying to compile open ssl source code in visual studio 2008.Before compiling I have installed Active Perl. I have followed below steps. 1.C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\vsvars32.bat 2.Perl Configure VC-WIN32 --prefix=C:/tmp_open_ssl These two steps working fine . But it is not executing nmake -f ms\nt.mak command , Can any one help me . Thanks Priyaranjan
Re: error while generating Certificate Signing Request
On 10/23/2012 7:22 AM, Sanford Staab wrote: It looks like your missing the openssl.cnf file or maybe the my_key.key file. Double check your config file and command line parameters. From: PRIYARANJAN NAYAK Sent: Tuesday, October 23, 2012 3:03 AM To: openssl-users@openssl.org Subject: error while generating Certificate Signing Request Hi ALL, -- First I generate private key i.e my_key.key,then I am trying to Generate a Certificate Signing Request: while generating .csr file I faced this error . C:\C:\tmp_open_ssl\bin\openssl.exe req -new -key my_key.key -out my_request.csr -config C:\tmp_open_ssl\ssl\openssl.cnf WARNING: can't open config file: c:/tmp_open_ssl;/ssl/openssl.cnf If you are running the Windows binaries - openssl.cnf is renamed to openssl.cfg because Windows thinks .cnf files are some weird dial-up modem configuration file. I'm not sure why there is a semi-colon in the path above. If that is a legitimate copy-paste, then there might be a bug in OpenSSL. Error opening Private Key my_key.key 3464:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:398:fopen('my_key.key','rb') 3464:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:400:unable to load Private Key This error means OpenSSL can't find the file 'my_key.key' in the current directory. You wouldn't want a private key file in the root of the primary hard drive anyway because putting files into the root is a great way to hose your OS such that it won't boot. -- Thomas Hruska Shining Light Productions Home of BMP2AVI and Win32 OpenSSL. http://www.slproweb.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: error while generating Certificate Signing Request
Don’t use ‘-config’ option for CSR, let the default configuration file be used, it’s enough or maybe not needed at all for CSRs. openssl req -newkey rsa:2048 -keyout my_key.key -keyform PEM –out my_request.csr -outform PEM From: PRIYARANJAN NAYAK Sent: Tuesday, October 23, 2012 1:03 PM To: openssl-users@openssl.org Subject: error while generating Certificate Signing Request Hi ALL, -- First I generate private key i.e my_key.key,then I am trying to Generate a Certificate Signing Request: while generating .csr file I faced this error . C:\C:\tmp_open_ssl\bin\openssl.exe req -new -key my_key.key -out my_request.csr -config C:\tmp_open_ssl\ssl\openssl.cnf WARNING: can't open config file: c:/tmp_open_ssl;/ssl/openssl.cnf Error opening Private Key my_key.key 3464:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:398:fopen('my_key.key','rb') 3464:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:400:unable to load Private Key Can any one help me about this error Thanks Priyaranjan
Re: Compiling open ssl source code in Visual studio 2008
Seems to be I was mistaken in previous message: nmake was found, but you forgot to do: ms\do_nasm nt.mak and ntdll.mak were not created yet. From: PRIYARANJAN NAYAK Sent: Tuesday, October 23, 2012 8:09 AM To: openssl-users@openssl.org Subject: Re: Compiling open ssl source code in Visual studio 2008 Hi Tom, After running ms\do_ms.bat,the output comes like C:\tmp_open_sslms\do_ms.bat; C:\tmp_open_sslperl util\mkfiles.pl 1MINFO C:\tmp_open_sslperl util\mk1mf.pl no-asm VC-WIN32 1ms\nt.mak C:\tmp_open_sslperl util\mk1mf.pl dll no-asm VC-WIN32 1ms\ntdll.mak C:\tmp_open_sslif x == x goto skipce C:\tmp_open_sslperl util\mkdef.pl 32 libeay 1ms\libeay32.def C:\tmp_open_sslperl util\mkdef.pl 32 ssleay 1ms\ssleay32.def When I am trying to run nmake -f ms\nt.mak ,the below error is coming C:\tmp_open_sslnmake -f ms\nt.mak; Microsoft (R) Program Maintenance Utility Version 9.00.21022.08 Copyright (C) Microsoft Corporation. All rights reserved. NMAKE : fatal error U1052: file 'ms\nt.mak;' not found Stop. Thanks Priyaranjan On Mon, Oct 22, 2012 at 9:30 PM, Floodeenjr, Thomas thomas_floodee...@mentor.com wrote: Priyaranjan, Did you run ms\do_ms.bat in between the configure and the nmake command? -Tom Thomas Floodeen, Jr. Mentor Graphics BSD 720.494.1133 From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of PRIYARANJAN NAYAK Sent: Monday, October 22, 2012 3:33 AM To: openssl-users@openssl.org Subject: Compiling open ssl source code in Visual studio 2008 Hi ALL, I am trying to compile open ssl source code in visual studio 2008.Before compiling I have installed Active Perl. I have followed below steps. 1.C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\vsvars32.bat 2.Perl Configure VC-WIN32 --prefix=C:/tmp_open_ssl These two steps working fine . But it is not executing nmake -f ms\nt.mak command , Can any one help me . Thanks Priyaranjan
Re: Compiling open ssl source code in Visual studio 2008
OFFTOPIC: )) Бл..., день сегодня весёлый )) во второй раз невнимателен... Priyaranjan, if you have ran: perl Configure VC-WIN32 --prefix=c:\some\openssl\dir ms\do_nasm or ms\do_ms nmake -f ms\nt.mak and get the following error message: “NMAKE : fatal error U1052: file 'ms\nt.mak;' not found” then possible problems are: 1) You must run Visual Studio Command Promt not usual Command Promt. This is important. 2) in Visual Studio. Maybe you forget to install SP1. Maybe problems with paths and vars. Try to reinstall. And don’t use source dir of OpenSSL for install path if you did so. From: PRIYARANJAN NAYAK Sent: Tuesday, October 23, 2012 8:09 AM To: openssl-users@openssl.org Subject: Re: Compiling open ssl source code in Visual studio 2008 Hi Tom, After running ms\do_ms.bat,the output comes like C:\tmp_open_sslms\do_ms.bat; C:\tmp_open_sslperl util\mkfiles.pl 1MINFO C:\tmp_open_sslperl util\mk1mf.pl no-asm VC-WIN32 1ms\nt.mak C:\tmp_open_sslperl util\mk1mf.pl dll no-asm VC-WIN32 1ms\ntdll.mak C:\tmp_open_sslif x == x goto skipce C:\tmp_open_sslperl util\mkdef.pl 32 libeay 1ms\libeay32.def C:\tmp_open_sslperl util\mkdef.pl 32 ssleay 1ms\ssleay32.def When I am trying to run nmake -f ms\nt.mak ,the below error is coming C:\tmp_open_sslnmake -f ms\nt.mak; Microsoft (R) Program Maintenance Utility Version 9.00.21022.08 Copyright (C) Microsoft Corporation. All rights reserved. NMAKE : fatal error U1052: file 'ms\nt.mak;' not found Stop. Thanks Priyaranjan On Mon, Oct 22, 2012 at 9:30 PM, Floodeenjr, Thomas thomas_floodee...@mentor.com wrote: Priyaranjan, Did you run ms\do_ms.bat in between the configure and the nmake command? -Tom Thomas Floodeen, Jr. Mentor Graphics BSD 720.494.1133 From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of PRIYARANJAN NAYAK Sent: Monday, October 22, 2012 3:33 AM To: openssl-users@openssl.org Subject: Compiling open ssl source code in Visual studio 2008 Hi ALL, I am trying to compile open ssl source code in visual studio 2008.Before compiling I have installed Active Perl. I have followed below steps. 1.C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\vsvars32.bat 2.Perl Configure VC-WIN32 --prefix=C:/tmp_open_ssl These two steps working fine . But it is not executing nmake -f ms\nt.mak command , Can any one help me . Thanks Priyaranjan
RE: Compiling open ssl source code in Visual studio 2008
From: owner-openssl-us...@openssl.org On Behalf Of PRIYARANJAN NAYAK Sent: Tuesday, 23 October, 2012 00:10 After running ms\do_ms.bat,the output comes like snip When I am trying to run nmake -f ms\nt.mak ,the below error is coming C:\tmp_open_sslnmake -f ms\nt.mak; Microsoft (R) Program Maintenance Utility Version 9.00.21022.08 Copyright (C) Microsoft Corporation. All rights reserved. NMAKE : fatal error U1052: file 'ms\nt.mak;' not found Stop. The filename doesn't have a semicolon in it. Type ms\nt.mak WITHOUT a semicolon. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: error while generating Certificate Signing Request
From: owner-openssl-us...@openssl.org On Behalf Of Sanford Staab Sent: Tuesday, 23 October, 2012 10:22 It looks like your missing the openssl.cnf file or maybe the my_key.key file. Double check your config file and command line parameters. He is definitely missing the my_key.key file; the error message says so. If the file specified as -config can't be opened, that's an error. The warning is when the *default* config file $OPENSSLDIR/openssl.cnf can't be opened. If you compare the pathname in the warning to the pathname he used that worked, it's clear OPENSSLDIR incorrectly has a semicolon in it, I'll guess due to a mistake in the configure step. From: PRIYARANJAN NAYAK mailto:priyaranjan4...@gmail.com Sent: Tuesday, October 23, 2012 3:03 AM C:\C:\tmp_open_ssl\bin\openssl.exe req -new -key my_key.key -out my_request.csr -config C:\tmp_open_ssl\ssl\openssl.cnf WARNING: can't open config file: c:/tmp_open_ssl;/ssl/openssl.cnf Error opening Private Key my_key.key 3464:error:02001002:system library:fopen:No such file or directory: .\crypto\bio\bss_file.c:398:fopen('my_key.key','rb') 3464:error:20074002:BIO routines:FILE_CTRL:system lib: .\crypto\bio\bss_file.c:400:unable to load Private Key __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SP 800-90 DRNGs
On Wed, Oct 24, 2012, TJ wrote: Can somebody please confirm that the SP 800-90 DRNGs are only included with the FIPS module? I removed the FIPS module from our product since we are doing our own validation, but apparently we require SP 800-90 DRNGs for validation. Are the SP 800-90 DRNGs included in regular OpenSSL or do I need to go back and (re)install the FIPS module? Yes currently the DRBGs are only part of the FIPS module. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Wild card SSL; use on multiple Apache servers
Hi, This topic is one that I am ignorant on and appreciate any guidance. I found some sources of info on web and mailing lists that say I can simply copy a wild card cert to any apache server as is. I've had a wild card cert running on one of my servers for a while now and wish to take advantage of this commercially purchased feature. When I simply copy my public and private keys (commercial.crt, commercial.key) to another server and attempt to get to it via a browser, I get an error that the key is not trusted and is for *.domain.com and domain.com. This isn't the exact error but I hope you understand whats going on. This leads me to think that I must export the key(s) from my working server and import to another server(s). Both servers are Apache servers with openssl installed so I have the command suite available to use. When viewing my cert, it looks like this; Subject:/O=*.domain.com/OU=Domain Control Validated/CN=*.domain.com Issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber= Validation Days:start date - end date Subject Alternative Name: *.domain.com, domain.com I removed the serial, domain name and dates. So what is it that I must do, export a private key in a particular format? Thanks in advance, - aurf
Firefox, openssl, ipv6 and certificates
Running into an odd problem with ipv6 self signed certificates. Firefox does not seem to be able to or want to accept them. Same certificate is ok on ipv4. What attributes are normally found in a certificate for ipv6..does anybody have an example they could share with me? Anybody run into the firefox thing? Thank you, Mike