[OpenSSL v1.1.0f]
我使用以下命令创建自签名证书,仅用于测试目的:
$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 10000 -nodes
但是我收到这样的消息:
Can't open /usr/local/ssl/openssl.cnf for reading, No such file or directory
140480609138432:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:74:fopen('/usr/local/ssl/openssl.cnf','r')
140480609138432:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:81:
Generating a 4096 bit RSA private key
..................................++
.................................................................................................................................................................................................................++
writing new private key to 'key.pem'
-----
unable to find 'distinguished_name' in config
problems making Certificate Request
140480609138432:error:0E06D06A:configuration file routines:NCONF_get_string:no conf or environment variable:crypto/conf/conf_lib.c:272:
我该怎么做才能解决这个问题?
答案 0 :(得分:3)
通常openssl会使用默认配置,但好像你没有在正确的地方。您还可以将配置文件作为命令行参数传递。请注意-config选项。
openssl req -x509 -config openssl.cnf -newkey rsa:4096 -keyout key.pem -out cert.pem -days 10000 -nodes