Certificate creation????
This is a discussion on Certificate creation???? within the FreeRADIUS Users forums, part of the Networking and Network Related category; Hi, What i am doing wrong? The creation of my certificates for EAP/TLS with CA.all or CA.certs ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
05-31-2005
|
|||
|
|||
Certificate creation????
Hi,
What i am doing wrong? The creation of my certificates for EAP/TLS with CA.all or CA.certs always end with an message like this: ----- Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:An optional company name []:Using configuration from /etc/ssl/openssl.cnf ../demoCA/serial: No such file or directory error while loading serial number 3164:error:02001002:system library:fopen:No such file or directory:bss_file.c:276:fopen('./demoCA/serial','r') 3164:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:278: Failed to do sign certificate radius:/usr/local/etc/raddb/certs # So i looked for the serial file. But it dosnīt exist. I think because of an earlier message: CA certificate filename (or enter to create) unknown option -next_serial usage: x509 args -inform arg - input format - default PEM (one of DER, NET or PEM) -outform arg - output format - default PEM (one of DER, NET or PEM) -keyform arg - private key format - default PEM -CAform arg - CA format - default PEM -CAkeyform arg - CA key format - default PEM -in arg - input file - default stdin -out arg - output file - default stdout -passin arg - private key password source -serial - print serial number value -hash - print hash value -subject - print subject DN -issuer - print issuer DN -email - print email address(es) -startdate - notBefore field -enddate - notAfter field -purpose - print out certificate purposes -dates - both Before and After dates -modulus - print the RSA key modulus -pubkey - output the public key -fingerprint - print the certificate fingerprint -alias - output certificate alias -noout - no certificate output -ocspid - print OCSP hash values for the subject name and public key -trustout - output a "trusted" certificate -clrtrust - clear all trusted purposes -clrreject - clear all rejected purposes -addtrust arg - trust certificate for a given purpose -addreject arg - reject certificate for a given purpose -setalias arg - set certificate alias -days arg - How long till expiry of a signed certificate - def 30 days -checkend arg - check whether the cert expires in the next arg seconds exit 1 if so, 0 if not -signkey arg - self sign cert with arg -x509toreq - output a certification request object -req - input is a certificate request, sign and output. -CA arg - set the CA certificate, must be PEM format. -CAkey arg - set the CA key, must be PEM format missing, it is assumed to be in the CA file. -CAcreateserial - create serial number file if it does not exist -CAserial arg - serial file -set_serial - serial number to use -text - print the certificate in text form -C - print out C code forms -md2/-md5/-sha1/-mdc2 - digest to use -extfile - configuration file with X509V3 extensions to add -extensions - section from config file with X509V3 extensions to add -clrext - delete extensions before signing and input certificate -nameopt arg - various certificate name options -engine e - use engine e, possibly a hardware device. -certopt arg - various certificate text options Can anyone help me plaese?? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
|
Linear Mode
