2

I am Using OpenSSL "Win32OpenSSL_Light-1_0_1j" on Windows XP Machine. I have created the following keys and certificates

  1. RootCA-cert.pem - Root certificate
  2. RootCA-PKey.pem - Root CA private key
  3. servertest.key - private key for server certificate
  4. server-certificate.crt - server certificate

The root CA, I have stored the client (target board).

After this I am giving a command from the command prompt to connect to client (target broad).

But I am getting error.

s_server -accept 443 -cert server-certificate.crt -CAfile RootCA-cert.crt -key servertest.key

Enter pass phrase for servertest.key:

Loading 'screen' into random state - done

15424:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:169:fopen('RootCA-cert.crt','r')

15424:error:2006D080:BIO routines:BIO_new_file:no such file:.\crypto\bio\bss_file.c:172:

15424:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:.\crypto\x509\by_file.c:274:

Using default temp DH parameters
Using default temp ECDH parameters

ACCEPT

I am using the default .cfg file when the OpenSSL is installed. I have the check the path set for the openssl.cfg file in the environmental path setting. It is OPENSSL_SSL = C:\OpenSSLWin32\bin\openssl.cfg which gets set when OpenSSL gets installed.

The extension for the configuration file is .cfg and not **cnf or conf.

Kindly help me on this.

jww
  • 97,681
  • 90
  • 411
  • 885
ssk
  • 21
  • 1
  • 4
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306). – jww Jun 11 '16 at 22:25
  • Also see [OpenSSL and error in reading openssl.conf file](http://stackoverflow.com/q/7360602). – jww Jun 11 '16 at 22:26

1 Answers1

1

RootCA-cert.pem - Root certificate

OpenSSL> s_server -accept 443 -cert server-certificate.crt -CAfile RootCA-cert.crt -key servertest.key

... fopen:No such file or directory:.\crypto\bio\bss_file.c:169:fopen('RootCA-cert.crt','r')

Your file is *.pem but you specify *.crt on the command line. No wonder it can not find the file.

Community
  • 1
  • 1
Steffen Ullrich
  • 114,247
  • 10
  • 131
  • 172
  • Thanks for your input. OpenSSL> s_server -accept 443 -cert server-certificate.crt -CAfile RootCA-cert.pem -key serv Enter pass phrase for servertest.key: Loading 'screen' into random state - done Using default temp DH parameters Using default temp ECDH parameters ACCEPT bad gethostbyaddr ERROR shutting down SSL CONNECTION CLOSED ACCEPT . I believe this error I am getting because device is not able to connect to the PC. In the Common name in the server certificate I have given the IP address of the machine. Is is correct. – ssk Dec 09 '14 at 13:41
  • A comment is not a good place to ask a new question which is only slightly related to the original problem. Please create a new question with proper formatting and enough details. – Steffen Ullrich Dec 09 '14 at 14:54