Problem:
This message is obtained when generating a certificate while running the DemoCA tutorial and executing openssl:
"Unable to load config info from /usr/local/ssl/openssl.cnf"
This is the procedure that was followed leading up to the error message:
- Install DemoCA
- Open an ES command shell
- Browse to the DemoCA folder, eg. "C:\\Program Files(x86)\\Micro Focus\\DemoCA".
- Execute create_srv_req
The following was displayed in the output:
> openssl req -verbose -new -keyout srvkey.pem -out srvcertreq.csr -days 360 -config openssl.cnf
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
This was then displayed:
Using configuration file from openssl.cnf
The creation of the key file and cert was allowed.
But why is this message generated?
Resolution:
The reason this message is appearing is that Openssl on Windows is looking for a path that is on Unix/Linux but does not exist on Windows.
If you receive a warning message like
"WARNING: can't open config file: /usr/local/ssl/openssl.cnf"
from the openssl utility, you can suppress it by setting the environment variable OPENSSL_CONF to the location of a suitable openssl.cnf file. One is located with the Micro Focus DemoCA. in the main directory of the DemoCA installation. For example:
On Windows:
Set OPENSSL_CONF=C:\\Program Files (x86)\\Micro Focus\\DemoCA\\openssl.cnf
On UNIX:
Export OPENSSL_CONF=$COBDIR/DemoCA
Note that this messahe is only a warning; the openssl command may still perform the function you requested. The openssl.cnf file is primarily used to set default values for the CA function, key sizes for generating new key pairs, and similar configuration.
Consult the OpenSSL documentation available at openssl.org for more information.
#MFDS
#EnterpriseDeveloper
