2

I want to have a self-signed SSL Certificate for my local development server. I was following the guide on https://help.ubuntu.com/community/OpenSSL and at the last step where you issue the command to sign the certificate by issuing the following command:

openssl ca -in tempreq.pem -out server_crt.pem

I get the following error: (last line)

Using configuration from /home/user_name/.ssl/caconfig.cnf Enter pass phrase for /home/user_name/.ssl/private/cakey.pem: Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :PRINTABLE:'localhost' stateOrProvinceName :PRINTABLE:'AA' countryName :PRINTABLE:'ET' emailAddress :IA5STRING:'[email protected]' organizationName :PRINTABLE:'Example Inc' organizationalUnitName:PRINTABLE:'Development' localhost:invalid type in 'policy' configuration

What can I do to solve it? Just to serve as a back ground, I don't have a domain name for my server, so I just used localhost to be the commanName. Is that the problem?

Thanks for your help.

Improve this question

1 Answer 1

Reset to default
6

  1. Copy the policy from /etc/ssl/openssl.cnf to your configuration file

  2. Rebuild all the file from beginning

  3. The policy section is like following:

 policy = policy_match # For the CA policy [ policy_match ] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional # For the 'anything' policy # At this point in time, you must list all acceptable 'object' # types. [ policy_anything ] countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.