Re: [ssl-users] What does 'no start line' mean?
Francisco Orozco Cees wrote: > > Hiya to all, > > Well... This is my 10th message in this list, I hope you can answer me some of > them :) > > I've installed OpenSSL 0.9.2b and SSLtelnet 0.11.2 > Then I've configured my own CA (using CA.sh script) > I've made a Certificate Request (CA.sh -newreq) to my test user > Then i've signed (CA.sh -sign) and i've copied to its home directory > When I try to make a telnet using this cert I receive: > > /usr/local/ssl/bin/telnet -z debug -z cert=/path/to/newcert.pem 0 > Trying 0.0.0.0... > SSL_DEBUG_FLAG on > Error loading /path/to/newcert.pem: 589:error:0906D06C:PEM > routines:PEM_read_bio:no start line:pem_lib.c:628: 589:error:140CE009:SSL > routines:SSL_use_RSAPrivateKey_file:missing asn1 eos:ssl_rsa.c:313: > do_ssleay_init() failed > It means there's no start line :-) More specifically the -BEGIN bit it expects to find is missing. In this case it looks like the private key is missing from the file. The private key is by default created on the end of the request file. Try appending it to the certificate file and trying again. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [ssl-users] What does 'no start line' mean?
> /usr/local/ssl/bin/telnet -z debug -z cert=/path/to/newcert.pem 0 > Trying 0.0.0.0... > SSL_DEBUG_FLAG on > Error loading /path/to/newcert.pem: 589:error:0906D06C:PEM > routines:PEM_read_bio:no start line:pem_lib.c:628: 589:error:140CE009:SSL > routines:SSL_use_RSAPrivateKey_file:missing asn1 eos:ssl_rsa.c:313: > Any ideas? What does it mean? I think the start line ("-BEGIN CERTIFICATE-") is missing, the cert is not in PEM format or invalid. Did you try another cert? oki, Steffen __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[ssl-users] What does 'no start line' mean?
Hiya to all, Well... This is my 10th message in this list, I hope you can answer me some of them :) I've installed OpenSSL 0.9.2b and SSLtelnet 0.11.2 Then I've configured my own CA (using CA.sh script) I've made a Certificate Request (CA.sh -newreq) to my test user Then i've signed (CA.sh -sign) and i've copied to its home directory When I try to make a telnet using this cert I receive: /usr/local/ssl/bin/telnet -z debug -z cert=/path/to/newcert.pem 0 Trying 0.0.0.0... SSL_DEBUG_FLAG on Error loading /path/to/newcert.pem: 589:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:628: 589:error:140CE009:SSL routines:SSL_use_RSAPrivateKey_file:missing asn1 eos:ssl_rsa.c:313: do_ssleay_init() failed Any ideas? What does it mean? Thanks to all, Paco __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]