“Error opening CA private key” on Windows

2019-05-29 02:12发布

问题:

I am running on Windows Server 2003, and installed Win64 OpenSSL v1.0.1i Light

No matter what guide I follow to set it up, I always end up with the following error when trying to actually sign a certificate

openssl ca -in my.csr -out my.cert.pem

Using configuration from C:\OpenSSL-Win64\bin\openssl.cfg
Loading 'screen' into random state - done
Error opening CA private key ./myCA/private/myCA.key.pem
1776:error:02001003:system library:fopen:No such process:.\crypto\bio\bss_file.c:398:fopen('./myCA/private/myCA.key.pem','rb')
1776:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:400:
unable to load CA private key

The paths to the key exist (triple and quadruple checked).
However I don't know what is this .\crypto\ that it's looking for.

I did not have this issue using pre-installed Mac OS's openssl, so makes me think there is an environment pre-requisite that is missing...

回答1:

The path to myCA.key.pem is relative so it depends from which directory you run openssl. If your working directory is C:/OpenSSL-Win64/bin/ then the path to private key of CA should be C:/OpenSSL-Win64/bin/myCA/private/myCA.key.pem