[Openswan Users] Openssl ca -gencrl -out crl.pem -> Error

Paul Wouters paul at xelerance.com
Tue Oct 3 15:35:46 EDT 2006


On Tue, 3 Oct 2006, Fabio Ferreira wrote:

> I have the openswan-2.4.4-1.1.2.1 installed on my Fedora Core 5 and when
> I generate the archive "crl" I get the following error:
>
> [root at frwmarkway private]# pwd
> /etc/pki/CA/private
>
> [root at frwmarkway private]# openssl ca -gencrl -out crl.pem
> Using configuration from /etc/pki/tls/openssl.cnf
> Enter pass phrase for ../../CA/private/cakey.pem:
> ../../CA/crlnumber: No such file or directory
> error while loading CRL number
> 24073:error:02001002:system library:fopen:No such file or
> directory:bss_file.c:349:fopen('../../CA/crlnumber','r')
> 24073:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:351:

If that is the same as what per default is the "serial" file, then
try: echo "01" > ../../CA/crlnumber

The serial file has to exist for openssl, it won't create it.

Paul


More information about the Users mailing list