[Openswan Users] Problem with openssl ca

Nick Norman nick at dctower.co.uk
Sat Dec 17 12:15:00 CET 2005

On Wednesday 14 Dec 2005 18:18, Paul Wouters wrote:
> On Wed, 14 Dec 2005, Nick Norman wrote:
> > All appears to be Ok all installed, run CA.sh -new ca appears to run OK,
> > but when I issue openssl ca -gencrl -out crl.pem I get an error saying
> > that there is no cacert.pem, this is correct one has not been written.
> >
> > So the question is - what am I missing?
> Have a look at http://www.natecarlson.com/linux/ipsec-x509.php#casetup
> check your openccl.cnf for filepaths where it has put your CA certificate.
> If you use any non-standard path, you need to specify if for each command,
> using with the -in option.
> Paul
Hi Paul (and others)

Done all that (and more, all the .cnf & CA.sh files all agree where to put 
files - unless I've missed one!) and still ... no cacert.pem is written.  I 
am root (well su) and chmod 700 has been done on /var/sslca/ as per the url 

Now starting to tear what little hair I have left out

Regards & TIA

'How come you know all that stuff?'
'I ain't just a pretty face.'
'You aren't even a pretty face, Gaspode.'
(Moving Pictures)
 12:14:46 up 11 days,  4:08,  5 users,  load average: 0.11, 0.08, 0.06

More information about the Users mailing list