Creating a SSL certificate for the feisty server

Discussion in 'HOWTO-Related Questions' started by anotherbigal, Jul 20, 2007.

  1. anotherbigal

    anotherbigal New Member


    I am installing the 7.04 server by following Falko's excellent instructions at but have got stuck creating a SSL certificate.

    After generating a five digit number key by the command:
    openssl genrsa –des3 –rand /etc/hosts –out smtpd.key 1024​
    I went on tothe next command:
    chmod 600 smtpd.key​
    This gave no output whatsoever. I assumed that this is what was expected so went on to:
    Openssl req –new –key smtpd.key –out smtpd.csr​
    This resulted in the following message:
    Error opening Private Key smtp.key
    5973:error:02001002:system library:fopen:No such file or directory:bss_file.c:352:fopen('smtp.key','r')
    5973:error:20074002:BI0 routines:FILE_CONTRL:system lib:bss_file.c:354: unable to load Private Key.

    I presume that I have done something wrong but have got no idea what. More importantly please, does anyone know what I need to do to continue the installation successfully?

    Just a thought though. If I go delete the directory ssl then start again will this create any conflicts elsewhere?
    Last edited: Jul 21, 2007
  2. anotherbigal

    anotherbigal New Member

    Well, did a lot of research and then went for it and removed the ssl directory then started again. This time I used the five digit number generated as my key which worked ok. Subsequent additional research revealed that I could have used a more secure key of my choice (I think). Got a list of questions that were not expected, but completed all of them until I got to the challenge password. Entered a seven digit word, but got told it must be less than 20 bytes long.

    The final instruction in the 'How To' resulted in the same information being requested and culminated in a request for a PEM pass phrase. I have entered one which seems to have been accepted but it looks like an application for a second certificate.

    Anyway, that seems to be all that is required in creating the certificates for TLS although the last instruction does seem to leave the installation rather abruptly.

    I would appreciate confirmation that this is all ok though

    Thank you

    Last edited: Jul 21, 2007
  3. falko

    falko Super Moderator ISPConfig Developer

    Just copy & paste the commands from the tutorial, and when you are asked questions (when the certs are created), you can accept the default values by pressing Enter.

Share This Page