Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

openssl ca ke issue

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers openssl ca ke issue
# 1  
Old 06-08-2006
openssl ca ke issue
Hi everybody:

here is my tale: I need to create some ssl certificates, so I did it with my Linux; I created de CA key and all the other stuff, and of course the certificates needed.
The thing is I had to replace mi hard drive and I backed up all the info but I forgot to backup the /etc/ssl.
Of course that I have a copy of the CA key and the CA certificate (cacert.pem and cakey.pem) and I restored it to the new box, but when I try to sign a certificate with the CA key, ssl complains about the wrong password.
I'm sure I'm entering the right password, so here is the question:
is it enogh to have the CA key and CA cert or there is other files from the /etc/ssl that I should backed-up to have the CA key working properly.

If I need more than these two files to sign as a CA I'm lost 'cause I don't have the old /etc/ssl ( I have only cacert.pem and cakey.pem)

Note: the linux is, in both cases, the same.

Thanks a lot and sorry for the long mail and my poor English.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Openssl upgrade

Hello Admins. I need to upgrade the openssl version in Solaris 10 due to vulnerabilities. When I checked the current version, it shows: bash-3.2# openssl version OpenSSL 1.0.2n 7 Dec 2017 bash-3.2# which openssl /usr/bin/openssl When I installed the new one, its getting... (0 Replies)
Discussion started by: snchaudhari2
0 Replies

2. Cybersecurity

OpenSSL

I just started playing around with Unix's OpenSSL utility. I can't seem to get the hang of it, and the man page isn't helping much. I wanted to experiment with file encryption, so I created a dummy text file with one line of text and tried to encrypt it using DES. I used the following command: ... (2 Replies)
Discussion started by: Ultrix
2 Replies

3. Red Hat

Openssl vulnerabilities

Hi there, The following openssl package are installed on the machine (openssl-1.0.0-27.el6_4.2.x86_64). It isn't the last version but I need to known if this content Vulnerabilities... How to check that on RedHat? Could you please tell me how to find this information?? Thankx (3 Replies)
Discussion started by: hiero_nymus
3 Replies

4. Red Hat

Issue w/manually installing OpenSSL 1.0.1j

My Redhat Enterprise 5 system is vulnerable to POODLE and there does not seem to be a Redhat fix coming down the pipe. So I have downloaded OpenSSL 1.0.1j from source and built it. My question is ho do I make sure the Apache and Tomcat use the1.0.1j version and not the distro version. Thanks,... (0 Replies)
Discussion started by: caspersgrin
0 Replies

5. Shell Programming and Scripting

Openssl issue

Hi, I am using openssl as below for encryption of a string ( foo) and I have to pass the password twice for the same. echo 'foo' | openssl aes-256-cbc -a -salt enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password:... (2 Replies)
Discussion started by: 46019
2 Replies

6. AIX

openssl issue

Gurus, As per audit recommendation i have installed openssl.base 0.9.8.803 and upgraded openssl from 9.7l to 9.8 as prerequisits. But post these installation ssh fails with below error message. exec(): 0509-036 Cannot load program ssh because of the following errors: 0509-150 ... (3 Replies)
Discussion started by: newaix
3 Replies

7. Solaris

Openssl 0.9.8r

Hi Peeps, Having trouble compiling openssl 0.9.8r on Solaris 10 x86. The make test fails when running the shatests (segmentation faults). There is a PROBLEM file that references a file called values.c. Anyone know whereabouts in the source tree you put this file as the file doesn't tell you... (2 Replies)
Discussion started by: callmebob
2 Replies

8. UNIX for Advanced & Expert Users

Using openssl

All, I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server. Question. Are the packages... (7 Replies)
Discussion started by: MichaelInDC
7 Replies

9. UNIX for Advanced & Expert Users

openssl help

I ungraded my openssl on sun solaris 8 from openssl 0.9.6c to openssl 0.9.6g the ungrade went fine but when I tried to ssh in to server, I received the following error message "ld.so.1: ./sshd: fatal: relocation error: file /usr/local/ssl/lib/libcrypto.so.0.9.6: symbol main: referenced symbol... (2 Replies)
Discussion started by: hassan2
2 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

update-ca-certificates

UPDATE-CA-CERTIFICATES(8)				      System Manager's Manual					 UPDATE-CA-CERTIFICATES(8)

NAME

       update-ca-certificates - update system CA certificates

SYNOPSIS

       update-ca-certificates [options]

DESCRIPTION

       update-ca-certificates  updates	the directory /etc/ssl/certs to hold SSL certificates and generates /etc/ssl/ca-bundle.pem, a concatenated
       single-file list of certificates.

       It reads the file /etc/ca-certificates.conf. Each line gives a pathname of a CA certificate under /usr/share/ca-certificates that should be
       trusted.  Lines that begin with "#" are comment lines and thus ignored.	Lines that begin with "!" are deselected, causing the deactivation
       of the CA certificate in question. All certificates are implicitly trusted if no trusted certificates are listed.

       Furthermore all certificates found below /usr/local/share/ca-certificates are also included as implicitly trusted.

       After populating /etc/ssl/certs update-ca-certificates invokes custom hooks in /usr/lib/ca-certificates/update.d/*.run and /etc/ca-certifi-
       cates/update.d/*.run. The command line options used for invoking update-ca-certificates are passed to the hooks as well.

OPTIONS

       A summary of options is included below.

       -h, --help
	      Show summary of options.

       -v, --verbose
	      Be verbose. Output c_rehash.

       -f, --fresh
	      Fresh updates.  Removes symlinks in /etc/ssl/certs directory and re-creates them from scratch.

FILES

       /etc/ca-certificates.conf
	      A configuration file.

       /etc/ssl/ca-bundle.pem
	      A  single-file version of all CA certificates. Use of this file is deprecated and should only be used as last resort by applications
	      that cannot parse the /etc/ssl/certs directory.

       /usr/share/ca-certificates
	      Directory of CA certificates.  /usr/local/share/ca-certificates Directory of local CA certificates.

SEE ALSO

       c_rehash(1),

AUTHOR

       This manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>, for the Debian project  and	modified  by  Ludwig  Nussel  <ludwig.nus-
       sel@suse.de>.

								   27 April 2010					 UPDATE-CA-CERTIFICATES(8)