httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 45763] New: No openssl.cnf defined by default causes OpenSSL commands to fail
Date Mon, 08 Sep 2008 12:54:35 GMT

           Summary: No openssl.cnf defined by default causes OpenSSL
                    commands to fail
           Product: Apache httpd-2
           Version: 2.2.9
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Runtime Config

my PATH includes %APACHE2_HOME%\bin
the OpenSSL version displayed is :  0.9.8h

trying to run the here under command :
OpenSSL> req -inform DER  -outform DER -out C:\CSR.der -pubkey -new -newkey
rsa:1024 -verbose

I get this :
Unable to load config info from /usr/local/ssl/openssl.cnf
error in req

Indeed it seems that by default no openssl.cnf is created when installing
Apache 2.2.9 on windows, I only see C:\ApacheGroup\Apache2.2\bin\openssl.exe

(By the way why the path is a unix style one /usr/local/ and not a windows
style ?)

see related issue at
and one sample cfg file at

-config filename
    this allows an alternative configuration file to be specified, this
overrides the compile time filename or any specified in the OPENSSL_CONF
environment variable.

I have seen C:\ApacheGroup\Apache2.2\conf\openssl.cnf, so I tried :

OpenSSL> req -inform DER  -outform DER -out C:\CSR.der -pubkey -new -newkey
rsa:1024 -verbose -config C:\ApacheGroup\Apache2.2\conf\openssl.cnf

Using configuration from C:\ApacheGroup\Apache2.2\conf\openssl.cnf
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
writing new private key to 'privkey.pem'
Enter PEM pass phrase:

So the Apache doc should mentionn where to find openssl.cnf and how to use the
variable OPENSSL_CONF or better configure OpenSSL and apache in a such way that 
the req  command runs fine at first try

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message