Install OpenSSL. On RHEL/CentOS 7/8 you can use yum or dnf respectively while on Ubuntu use apt …
C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl.exe OpenSSL> ca -in test.csr -keyfile my_ca.key -cert my_ca.crt Using configuration from C:\local\OpenSSL-Win32\bin\openssl.cfg Enter pass phrase for my_ca.key:fyicenter ./demoCA/index.txt: No such file or directory unable to open './demoCA/index.txt' 9632:error:02001002:system library:fopen Odd error while using openssl - Server Fault openssl ca doesn't just use the database index file (which you have correctly set to be index.txt) but als a database attribute file. This is always in the same place as the index file and its name is that of the index suffixed with .attr.This attribute file (which is not really documented, as far as I know) holds only one information: The configuration line How to revoke an openssl certificate when you don't have (Based on Nilesh's answer) In the default configuration, openssl will keep copies of all signed certificates in /etc/ssl/newcerts, named by its index number.So grep /etc/ssl/index.txt to obtain the serial number of the key to be revoked, e.g. 1013, then execute the following command:. openssl ca -revoke /etc/ssl/newcerts/1013.pem #replacing the serial number How to setup your own CA with OpenSSL · GitHub echo '01' > serial; touch index.txt; mkdir newcerts To create a .csr for our base.domain site we will enter: $ openssl req -new -out base.domain.csr -config req.base.domain.conf And finally to sign a certificate with a .csr created we will do:
Apr 10, 2015 · cd /etc/pki/CA openssl genrsa -out firstname.lastname@example.org 4096 chmod 400 email@example.com openssl req -new \ -key firstname.lastname@example.org \ -out email@example.com You are about to be asked to enter information that will be incorporated into your certificate request.
Revoke cert without .pem and index.txt files - OpenVPN Oct 28, 2012 Certificate management
The openssl command-line tool can maintain such a list for you: that's the index.txt file, as maintained by the openssl ca command-line option. If you don't use it, then you will have to maintain the information yourself, which is, at best, cumbersome.
OpenSSL OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. For more information about the team and community around the project, or to start making your own contributions, start with the community page. Index of /txt/