Women in Technology

Article:		Deploying a VPN with PKI
Subject:		if anyone gets stuck in the same way...
Date:		2004-10-26 08:33:11
From:		myriapod
I'm testing the described setup on Mandrake 10. First of all I had to download openssl-0.9.7d from the cooker cos the default was 0.9.7c. Then using the openssl.cnf provided by this article I kept getting this ugly error on every certificate signing attempt: variable lookup failed for CA_vpn::default_md 15411:error:02001002:system library:fopen:No such file or directory:bss_file.c:104:fopen('/home/vpn/ca/index.txt.attr','rb') 15411:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:107: 15411:error:0E064072:configuration file routines:CONF_load:no such file:conf_def.c:197: 15411:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=CA_vpn name=default_md Adding: default_md = md5 to openssl.cnf fixes the problem. Hope it helps. Bye.

Showing messages 1 through 3 of 3.

• if anyone gets stuck in the same way...
  2004-10-26 13:56:25  inyotech [View]
  
  
  I think you might have err'd on cut-n-paste as I can see this in the middle of the config file:
  
  

  
  
  # Issued certificates will be valid for 1 year
  
  default_days    = 365
  
  default_crl_days= 30    
  
  
  
  # Hashing function
  
  default_md      = md5
  
  

  
  
  
  Although maybe it needs to be in a different section. Thanks for the note.
• if anyone gets stuck in the same way...
  2004-10-26 15:28:10  myriapod [View]
  
  
  It was right under my eyes, I'm sorry! I don't really know how did I miss that! I should definitely get some sleep. :)
• if anyone gets stuck in the same way...
  2006-03-27 11:24:13  amjice [View]
  
  
  Can this MD be changed to something like "SHA1"? Sorry if this is a basic questions. I'm a bit of a newbie.
  
  I've already created the keys and certs after changing it to SHA1 but couldn't really make heads or tails about whether it took or not.
  
  Thanks.