I am trying to create a self-signed certificate using OpenSSL on Ubuntu 14.04.
When I enter the command openssl ca -in tempreq.pem -out server_crt.pem
, I get the following error:
Using configuration from /root/myCA/caconfig.cnf
**Error opening CA private key** ~/myCA/private/cakey.pem
139754719667872:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('~/myCA/private/cakey.pem','r')
139754719667872:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load CA private key
I have already verified that nano ~/myCA/private/cakey.pem
command opens the cakey.pem
file, and that the read permission for this file is enabled.
Any help will be appreciated. Thanks!
You seem to be running as root, check that you haven't accidentally followed the instructions on the ubuntu.com OpenSSL article too literally and set the dir param in /root/myCA/caconfig.cnf to /home/root/myCA.
This as the root home dir differs from all other home directories by residing in the top folder. So if you have set it to /home/root/myCA, that is not valid, you have to change it to /root/myCA.
Edit (as this was the problem):
Using "~" in the configuration might not work as it might not be expanded properly by openssl. If you are, try use absolute paths instead.