I am trying to create a self-signed SSL certificate using OpenSSL (the version that comes with Apache 2.2 + mod_ssl). The OpenSSL binaries are in C:\Web\Apache2.2\bin
, and the configuration file I am using is C:\Web\Apache2.2\conf\openssl.cnf
. I have executed the following commands:
(I will use newlines to make it more readable.)
openssl req -config ..\conf\openssl.cnf -new -out ..\conf\eduardo.csr
-keyout ..\conf\eduardo.pem
# Then I entered country code, province, city, etc.
# This step worked correctly.
openssl rsa -in ..\conf\eduardo.pem -out ..\conf\eduardo.key
# Then I entered my pass phrase.
openssl x509 -in ..\conf\eduardo.csr -out ..\conf\eduardo.cert
-req -signkey ..\conf\eduardo.key -days 1000000
And, when executing the last step, I got the following output:
Loading 'screen' into random state - done
Signature ok
subject=/C=PE/ST=Lima/L=Lima/...
Getting Private Key
unable to write 'random state' <--
What does that error mean, and how can I fix it?
Best Answer
openssl tries to write the 'random state' to a file, but the permissions of the directory it is using do not allow to create the file. See:
http://www.openssl.org/support/faq.cgi#USER2