We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
This issue has been migrated from Redmine: https://dev.icinga.com/issues/10074
Created by jflach on 2015-09-01 16:01:26 +00:00
Assignee: mfriedrich Status: Resolved (closed on 2015-09-03 15:12:15 +00:00) Target Version: 2.3.10 Last Update: 2015-09-03 15:19:34 +00:00 (in Redmine)
Icinga Version: 2.4.0 Backport?: Already backported Include in Changelog: 1
$ openssl x509 -req -in client.req [...] unable to load number from /var/lib/icinga2/ca/serial.txt 140112921380496:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:f_int.c:215: $ cat /var/lib/icinga2/ca/serial.txt 3
serials have to be two digit numbers, '03' in this case.
Changesets
2015-09-03 15:12:01 +00:00 by mfriedrich 9a2ae6e
Fix missing zero padding for generated CA serial fixes #10074
2015-09-03 15:17:03 +00:00 by mfriedrich c953104
The text was updated successfully, but these errors were encountered:
Updated by mfriedrich on 2015-09-03 15:08:19 +00:00
Ok, I'm able to reproduce it:
# openssl req -key nbmif.int.netways.de.key -new -out client.req # cat /var/lib/icinga2/ca/serial.txt 9 # openssl x509 -req -in client.req -CA /var/lib/icinga2/ca/ca.crt -CAkey /var/lib/icinga2/ca/ca.key -CAserial /var/lib/icinga2/ca/serial.txt -out client.pem Signature ok subject=/C=DE/L=Default City/O=Default Company Ltd Getting CA Private Key unable to load number from /var/lib/icinga2/ca/serial.txt 139696169211768:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:f_int.c:215:
The problem comes from padding zeros required for openssl serials. See http://stackoverflow.com/a/10632725
# openssl x509 -req -in client.req -CA /var/lib/icinga2/ca/ca.crt -CAkey /var/lib/icinga2/ca/ca.key -CAserial /var/lib/icinga2/ca/serial.txt -out client.pem Signature ok subject=/C=DE/L=Default City/O=Default Company Ltd Getting CA Private Key
Sorry, something went wrong.
Updated by mfriedrich on 2015-09-03 15:12:15 +00:00
Applied in changeset 9a2ae6e.
Updated by mfriedrich on 2015-09-03 15:19:34 +00:00
No branches or pull requests
This issue has been migrated from Redmine: https://dev.icinga.com/issues/10074
Created by jflach on 2015-09-01 16:01:26 +00:00
Assignee: mfriedrich
Status: Resolved (closed on 2015-09-03 15:12:15 +00:00)
Target Version: 2.3.10
Last Update: 2015-09-03 15:19:34 +00:00 (in Redmine)
serials have to be two digit numbers, '03' in this case.
Changesets
2015-09-03 15:12:01 +00:00 by mfriedrich 9a2ae6e
2015-09-03 15:17:03 +00:00 by mfriedrich c953104
The text was updated successfully, but these errors were encountered: