Solved SSL certificate error

Solved issue

CptCharis

Well-Known Member
Joined
Feb 27, 2018
Messages
570
Reaction score
469
Credits
1,040
Hello there, I was trying to produce my own SSL certificate with below command, on my test virtual machine running Alma Linux:


openssl req -new -x509 -nodes -sha1 -days 365 \
-key /etc/pki/tls/private/server.key \
-out server.crt

and I have this error msg as result

809B43EC1C7F0000:error:03000098:digital envelope routines:do_sigver_init:invalid digest:crypto/evp/m_sigver.c:343:

any solution/idea?
 


A few thoughts.

Ensure that the path to your private key (/etc/pki/tls/private/server.key) is correct and that you have the necessary permissions to read the file.

Double-check the syntax of your command. It should look like this
Code:
openssl req -new -x509 -nodes -sha1 -days 365 -key /etc/pki/tls/private/server.key -out server.crt

If the key file is problematic, you might want to generate a new private key and then create the certificate. Here’s how you can do it

Code:
openssl genrsa -out /etc/pki/tls/private/server.key 2048
openssl req -new -x509 -key /etc/pki/tls/private/server.key -out server.crt -days 365
 
Hello dear @dos2unix and thank you very much for your response. It is work like a charm.
The only difference between you suggestion and my command is that you omitted the "-node" & "-sha1" switches. Probably it is matter otherwise I can't see something else except that you use "-day 365" switch at the end instead of my that I use it before the path.

yours
openssl req -new -x509 -key /etc/pki/tls/private/server.key -out server.crt -days 365
mine
openssl req -new -x509 -nodes -sha1 -days 365 -key /etc/pki/tls/private/server.key -out server.crt
 
My goodness, I'm busy for a couple of hours and Capta sails in and out like a ship in and out of port on a schedule :)

Greetings, my friend.

When you are sure this is solved, you can mark it as such by going to your first post, and do as follows

Near bottom left of the post click Edit - (No Prefix) - Solved

Only when you are sure

Cheers

Chris
 
Good evening to you dear @wizardfromoz, nice to "see you" again after long time.
Looks like I miss a lot of new things, I remember that we didn't mark threads as "Solved" bfr.
Of course I can do it.
Salutes.
 


Top