Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

openssl ca ke issue

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers openssl ca ke issue
# 1  
Old 06-08-2006
openssl ca ke issue
Hi everybody:

here is my tale: I need to create some ssl certificates, so I did it with my Linux; I created de CA key and all the other stuff, and of course the certificates needed.
The thing is I had to replace mi hard drive and I backed up all the info but I forgot to backup the /etc/ssl.
Of course that I have a copy of the CA key and the CA certificate (cacert.pem and cakey.pem) and I restored it to the new box, but when I try to sign a certificate with the CA key, ssl complains about the wrong password.
I'm sure I'm entering the right password, so here is the question:
is it enogh to have the CA key and CA cert or there is other files from the /etc/ssl that I should backed-up to have the CA key working properly.

If I need more than these two files to sign as a CA I'm lost 'cause I don't have the old /etc/ssl ( I have only cacert.pem and cakey.pem)

Note: the linux is, in both cases, the same.

Thanks a lot and sorry for the long mail and my poor English.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Openssl upgrade

Hello Admins. I need to upgrade the openssl version in Solaris 10 due to vulnerabilities. When I checked the current version, it shows: bash-3.2# openssl version OpenSSL 1.0.2n 7 Dec 2017 bash-3.2# which openssl /usr/bin/openssl When I installed the new one, its getting... (0 Replies)
Discussion started by: snchaudhari2
0 Replies

2. Cybersecurity

OpenSSL

I just started playing around with Unix's OpenSSL utility. I can't seem to get the hang of it, and the man page isn't helping much. I wanted to experiment with file encryption, so I created a dummy text file with one line of text and tried to encrypt it using DES. I used the following command: ... (2 Replies)
Discussion started by: Ultrix
2 Replies

3. Red Hat

Openssl vulnerabilities

Hi there, The following openssl package are installed on the machine (openssl-1.0.0-27.el6_4.2.x86_64). It isn't the last version but I need to known if this content Vulnerabilities... How to check that on RedHat? Could you please tell me how to find this information?? Thankx (3 Replies)
Discussion started by: hiero_nymus
3 Replies

4. Red Hat

Issue w/manually installing OpenSSL 1.0.1j

My Redhat Enterprise 5 system is vulnerable to POODLE and there does not seem to be a Redhat fix coming down the pipe. So I have downloaded OpenSSL 1.0.1j from source and built it. My question is ho do I make sure the Apache and Tomcat use the1.0.1j version and not the distro version. Thanks,... (0 Replies)
Discussion started by: caspersgrin
0 Replies

5. Shell Programming and Scripting

Openssl issue

Hi, I am using openssl as below for encryption of a string ( foo) and I have to pass the password twice for the same. echo 'foo' | openssl aes-256-cbc -a -salt enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password:... (2 Replies)
Discussion started by: 46019
2 Replies

6. AIX

openssl issue

Gurus, As per audit recommendation i have installed openssl.base 0.9.8.803 and upgraded openssl from 9.7l to 9.8 as prerequisits. But post these installation ssh fails with below error message. exec(): 0509-036 Cannot load program ssh because of the following errors: 0509-150 ... (3 Replies)
Discussion started by: newaix
3 Replies

7. Solaris

Openssl 0.9.8r

Hi Peeps, Having trouble compiling openssl 0.9.8r on Solaris 10 x86. The make test fails when running the shatests (segmentation faults). There is a PROBLEM file that references a file called values.c. Anyone know whereabouts in the source tree you put this file as the file doesn't tell you... (2 Replies)
Discussion started by: callmebob
2 Replies

8. UNIX for Advanced & Expert Users

Using openssl

All, I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server. Question. Are the packages... (7 Replies)
Discussion started by: MichaelInDC
7 Replies

9. UNIX for Advanced & Expert Users

openssl help

I ungraded my openssl on sun solaris 8 from openssl 0.9.6c to openssl 0.9.6g the ungrade went fine but when I tried to ssh in to server, I received the following error message "ld.so.1: ./sshd: fatal: relocation error: file /usr/local/ssl/lib/libcrypto.so.0.9.6: symbol main: referenced symbol... (2 Replies)
Discussion started by: hassan2
2 Replies
Login or Register to Ask a Question

LEARN ABOUT LINUX

update-ca-certificates

UPDATE-CA-CERTIFICATES(8)				      System Manager's Manual					 UPDATE-CA-CERTIFICATES(8)

NAME

       update-ca-certificates - update /etc/ssl/certs and certificates.crt

SYNOPSIS

       update-ca-certificates [options]

DESCRIPTION

       This manual page documents briefly the update-ca-certificates commands.	This manual page was written for the Debian distribution.

       update-ca-certificates  is  a  program that updates the directory /etc/ssl/certs to hold SSL certificates and generates certificates.crt, a
       concatenated single-file list of certificates.

       It reads the file /etc/ca-certificates.conf. Each line gives a pathname of a CA certificate under /usr/share/ca-certificates that should be
       trusted.  Lines that begin with "#" are comment lines and thus ignored.	Lines that begin with "!" are deselected, causing the deactivation
       of the CA certificate in question.

       Furthermore all certificates found below /usr/local/share/ca-certificates are also included as implicitly trusted.

       Before terminating, update-ca-certificates invokes run-parts on /etc/ca-certificates/update.d and calls each hook with a list  of  certifi-
       cates: those added are prefixed with a +, those removed are prefixed with a -.

OPTIONS

       A summary of options is included below.

       -h, --help
	      Show summary of options.

       -v, --verbose
	      Be verbose. Output c_rehash.

       -f, --fresh
	      Fresh updates.  Remove symlinks in /etc/ssl/certs directory.

FILES

       /etc/ca-certificates.conf
	      A configuration file.

       /etc/ssl/certs/ca-certificates.crt
	      A single-file version of CA certificates.  This hold all CA certificates that you activated in /etc/ca-certificates.conf.

       /usr/share/ca-certificates
	      Directory of CA certificates.  /usr/local/share/ca-certificates Directory of local CA certificates.

SEE ALSO

       c_rehash(1),

AUTHOR

       This manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>, for the Debian project (but may be used by others).

								   20 April 2003					 UPDATE-CA-CERTIFICATES(8)