After installing openssl, we have to set the path for its config file. Otherwise it will keep giving a warning message for any command we run. For example you are trying to run this command to generate private key.
openssl genrsa -out mycertificate.key 4096
It will give you following warning message:
WARNING: can't open config file: C:/OpenSSL/openssl.cnf Generating RSA private key, 4096 bit long modulus ......................++ .....................................................++ unable to write 'random state' e is 65537 (0x10001)
To fix this issue, we have to tell openssl where to find its .cnf
file.
We can do this by one of the following ways.
-
Before starting to create private keys or CSR from openssl command prompt, run this command to set is config file path.
set OPENSSL_CONF=C:\OpenSSL\bin\openssl.cnf
You can find thiscnf
file insidebin
folder, at the root of the path where you have installed openssl. -
Set the same variable
OPENSSL_CONF
in the Windows environment variables, with the path to the config file at your system. -
You can use
-config
parameter to append the config file path with each command you run from openssl. i.e.openssl .................... -config C:\OpenSSL\bin\openssl.cnf
-
If you are using powershell, you can set environment variable like this:
$env:OPENSSL_CONF = "C:\OpenSSL\bin\openssl.cnf"
This comment has been removed by a blog administrator.
ReplyDeleteGreat instructions, was able to generate my cert.
ReplyDeleteTrick was to manually mention the cnf file location