Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

求指路,生成CSR出错,找不到原因 #31

Open
vicacheung opened this issue Oct 25, 2016 · 13 comments
Open

求指路,生成CSR出错,找不到原因 #31

vicacheung opened this issue Oct 25, 2016 · 13 comments

Comments

@vicacheung
Copy link

vicacheung commented Oct 25, 2016
edited
Loading

日志:

Generate CSR…aaa.csr
error on line -1 of /dev/fd/63
3073771784:error:02001002:system library:fopen:No such file or directory:bss_file.c:175:fopen(‘/dev/fd/63′,’rb’)
3073771784:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:178:
3073771784:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:195:
@xdtianyu
Copy link
Owner

系统环境呢?哪个脚本?是不是用的 python 2.6?

@vicacheung
Copy link
Author

vicacheung commented Oct 25, 2016
edited
Loading

搬瓦工的vps debian7 32位,python版本是2.7
这个脚本letsencrypt.sh

@xdtianyu
Copy link
Owner

是不是没有 openssl ? ssh-keygen 可以正确运行吗?

@vicacheung
Copy link
Author

vicacheung commented Oct 25, 2016
edited
Loading

openssl装了,之前看过配置文件路径也对。ssh-keygen试过可以正常运行的
补充:都是在root用户下运行

@xdtianyu
Copy link
Owner

是不是找不到 /etc/ssl/openssl.cnf 文件?

@vicacheung
Copy link
Author

不是,配置文件看过了,是/etc/ssl/openssl.cnf没错。

@xdtianyu
Copy link
Owner

我在 kvm 虚拟机里安装了个 debian 7.11 试了下,并没有出现这个问题,应该是哪里的依赖比如 openssl 出了问题吧。可以一行一行执行下看看到哪里出错了。

@vicacheung
Copy link
Author

还是卡在这一步,错误和上面输出的一样,没有更多信息
openssl req -new -sha256 -key "$DOMAIN_KEY" -subj "/" -reqexts SAN -config <(cat $OPENSSL_CONF <(printf "[SAN]\nsubjectAltName=%s" "$DOMAINS")) > "$DOMAIN_CSR"

会不会是minimal系统的原因?

@xdtianyu
Copy link
Owner

echo "$OPENSSL_CONF" 输出的什么呢?可能是 openssl.cnf 文件内容不对。

@vicacheung
Copy link
Author

vicacheung commented Oct 25, 2016
edited
Loading

/etc/ssl/openssl.cnf
这个不是脚本里指定的吗?我执行那一行的时候是直接填的绝对路径。

@vicacheung vicacheung reopened this Oct 25, 2016
@vicacheung
Copy link
Author

vicacheung commented Oct 25, 2016
edited
Loading

找到一个类似情况的问题,然而还是不清楚
http://serverfault.com/questions/742083/openssl-cat-dev-fd-63-no-such-file-or-directory

@xdtianyu
Copy link
Owner

可以通过下边命令确认下

openssl genrsa 2048 > test.key
openssl req -new -sha256 -key test.key -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=%s" "DNS:example.com")) > "test.csr"

看看有没有报错?

@vicacheung
Copy link
Author 

root@xxxxx:/usr/local/nginx/conf/cert# openssl req -new -sha256 -key test.key -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=%s" "DNS:example.com")) > "test.csr"
error on line -1 of /dev/fd/63
3074656520:error:02001002:system library:fopen:No such file or directory:bss_file.c:175:fopen('/dev/fd/63','rb')
3074656520:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:178:
3074656520:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:195:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xdtianyu @vicacheung