Comments (10)
@bathindahelper You can manually create the file with openssl rand -out <randFile> -hex 256
. In your case sudo openssl rand -out /root/.rnd -hex 256
.
from node-opcua-pki.
Can somebody give me the full command pls?
i was using this command (by finding the exact command from some 2 year old video): sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx.key -out /etc/ssl/certs/nginx.crt
And I'm getting this error: "Can't load /root/.rnd into RNG
140121868997056:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd"
I'm using latest openssh (just downloaded) on Ubuntu 18.04.x (upgraded)
from node-opcua-pki.
Have you tried creating the file that is missing, eg /home/ubuntu/.rnd?
openssl rand -out /home/ubuntu/.rnd -hex 256
Also, your key and cert is named the same. Switch to -keyout mykey.pem
from node-opcua-pki.
I found a solution for the problem.
OpenSSL 1.1.1b need the command -writerand
instead of -rand
for the random number generation if no .rnd file is present. I changed this in the following files:
node-opcua-pki/dist/lib/pki/certificate_authority.js
node-opcua-pki/dist/lib/pki/toolbox.js
node-opcua-pki/lib/pki/certificate_authority.ts
node-opcua-pki/lib/pki/toolbox.ts
Now the certificates can be created.
from node-opcua-pki.
I found a solution for the problem.
OpenSSL 1.1.1b need the command
-writerand
instead of-rand
for the random number generation if no .rnd file is present. I changed this in the following files:node-opcua-pki/dist/lib/pki/certificate_authority.js
node-opcua-pki/dist/lib/pki/toolbox.js
node-opcua-pki/lib/pki/certificate_authority.ts
node-opcua-pki/lib/pki/toolbox.tsNow the certificates can be created.
Hi @Kiesel38.
how do you make it writable ?
openssl rand <the listed file you mention ?>
from node-opcua-pki.
@Ejdamm : Hej.. I am dealing with a relevant problem when i give this command:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem
the terminal returns back the following:
Can't load /home/ubuntu/.rnd into RNG
140115398300096:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/home/ubuntu/.rnd
from node-opcua-pki.
I had the same problem, and then created the .rnd myself as you said. I'm trying to create a self-signed certificate, and this time, when I ran openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365
I no longer got an error, but it hangs on "Generating a RSA private key". This is a bit of a different problem, but I was wondering if you could help me out?
This StackExchange answer said it lacks entropy.
Would that mean I need a bigger .rnd file? I'm terribly confused, and new to this stuff.
from node-opcua-pki.
Yes! I tried it before without success, however i managed to figure it out later. Sorry for the delay to respond.
from node-opcua-pki.
I had the same problem, and then created the .rnd myself as you said. I'm trying to create a self-signed certificate, and this time, when I ran
openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365
I no longer got an error, but it hangs on "Generating a RSA private key". This is a bit of a different problem, but I was wondering if you could help me out?
This StackExchange answer said it lacks entropy.
Would that mean I need a bigger .rnd file? I'm terribly confused, and new to this stuff.
If you are working on windows, you should set environment variable to path of .rnd file, i.e.
set RANDFILE=.rnd
from node-opcua-pki.
@bathindahelper You can manually create the file with
openssl rand -out <randFile> -hex 256
. In your casesudo openssl rand -out /root/.rnd -hex 256
.
Thanks....
This solution was helpful to solve the problem.
I wanted to create self signed certificate using following command:
openssl req -key private.pem -new -x509 -days 365 -subj "/C=IR/" -out SelfSigned.crt
from node-opcua-pki.
Related Issues (13)
- [Bug] openssl.exe is not found HOT 7
- Certificate revocation lists in PKI should be CRL, not CLR HOT 1
- How / where to run the command? HOT 1
- Cannot pass subject info for createCA HOT 1
- Crash when running (v2.8.0) HOT 4
- TypeError: Path must be a string. Received undefined HOT 2
- yargs regression HOT 2
- Flashing command prompts on windows HOT 2
- pki subfolder "issuers" instead of "issuer" HOT 4
- LibreSSL support
- Client wont work with self signed demo certificates HOT 5
- Generate custom certificate HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from node-opcua-pki.