[Openswan Users] Openssl ca -gencrl -out crl.pem -> Error

Fabio Ferreira fabio.ferreira at markway.com.br
Wed Oct 4 09:04:24 EDT 2006


Paul,

Thanks very much for your help! Now it´s working!

Regards,

Fabio Ferreira

########################################################################
#####################################
-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com] 
Sent: terça-feira, 3 de outubro de 2006 16:36
To: Fabio Ferreira
Cc: users at openswan.org
Subject: Re: [Openswan Users] Openssl ca -gencrl -out crl.pem -> Error


On Tue, 3 Oct 2006, Fabio Ferreira wrote:

> I have the openswan-2.4.4-1.1.2.1 installed on my Fedora Core 5 and
when
> I generate the archive "crl" I get the following error:
>
> [root at frwmarkway private]# pwd
> /etc/pki/CA/private
>
> [root at frwmarkway private]# openssl ca -gencrl -out crl.pem
> Using configuration from /etc/pki/tls/openssl.cnf
> Enter pass phrase for ../../CA/private/cakey.pem:
> ../../CA/crlnumber: No such file or directory
> error while loading CRL number
> 24073:error:02001002:system library:fopen:No such file or
> directory:bss_file.c:349:fopen('../../CA/crlnumber','r')
> 24073:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:351:

If that is the same as what per default is the "serial" file, then
try: echo "01" > ../../CA/crlnumber

The serial file has to exist for openssl, it won't create it.

Paul



More information about the Users mailing list