Unable to load config info from usr local ssl openssl cnf on Windows

Question

While using OpenSSL on Windows   openssl genrsa -out privatekey pem 1024 -- gt   Created successfully  openssl req -new -x509 -key privatekey pem -out publickey cer -days 365  ---- gt    Showing error message as      unable to load config info from  usr local ssl openssl cnf

User · Answer

After installing OpenSSL I was required to create a new environment variable:

Name: OPENSSL_CONF
Value: C:\Program Files\OpenSSL\openssl.cnf

In powershell:

$env:OPENSSL_CONF = "${env:ProgramFiles}\OpenSSL\openssl.cnf"

This value differs from previous installation versions (as seen in a previous edit of this post). Also, don't forget to add the openssl binary folder ${env:ProgramFiles}\OpenSSL to your Path.

User · Answer

The only thing that worked for me in this situation was the self-created openssl cnf file   Here are the basics needed for this exercise  edit as needed        OpenSSL configuration file       Establish working directory   dir                                ca   default ca                    CA default    CA default   serial                         dir serial database                       dir certindex txt new certs dir                  dir certs certificate                    dir cacert pem private key                    dir private cakey pem default days                  365 default md                    md5 preserve                      no email in dn                   no nameopt                       default ca certopt                       default ca policy                        policy match    policy match   countryName                   match stateOrProvinceName           match organizationName              match organizationalUnitName        optional commonName                    supplied emailAddress                  optional    req   default bits                  1024            Size of keys default keyfile               key pem         name of generated keys default md                    md5                 message digest algorithm string mask                   nombstr         permitted characters distinguished name            req distinguished name req extensions                v3 req    req distinguished name     Variable name             Prompt string  -------------------------    ---------------------------------- 0 organizationName            Organization Name  company  organizationalUnitName        Organizational Unit Name  department  division  emailAddress                  Email Address emailAddress max              40 localityName                  Locality Name  city  district  stateOrProvinceName           State or Province Name  full name  countryName                   Country Name  2 letter code  countryName min               2 countryName max               2 commonName                    Common Name  hostname  IP  or your name  commonName max                64    Default values for the above  for consistency and less typing    Variable name             Value  ------------------------     ------------------------------ 0 organizationName default    My Company localityName default          My Town stateOrProvinceName default   State or Providence countryName default           US    v3 ca   basicConstraints              CA TRUE subjectKeyIdentifier          hash authorityKeyIdentifier        keyid always issuer always    v3 req   basicConstraints              CA FALSE subjectKeyIdentifier          hash   I hope that helps

User · Answer

On Windows Powershell    env OPENSSL CONF      env ProgramFiles  OpenSSL-Win64 bin openssl cfg

User · Answer

In Windows 7 I didn t have to restart  simply run command prompt in administrator mode

User · Answer

On the basic question of why openssl is not found  Short answer Some installation packages for openssl have a default openssl cnf pre-included   Other packages do not  In the latter case you will include one from the link shown below  You can enter additional user-specifics --DN name etc-- as needed   From https   www openssl org docs manmaster man5 config html I quote directly    OPENSSL LIBRARY CONFIGURATION  Applications can automatically configure certain aspects of OpenSSL using the master OpenSSL configuration file  or optionally an alternative configuration file  The openssl utility includes this functionality  any sub command uses the master OpenSSL configuration file unless an option is used in the sub command to use an alternative configuration file   To enable library configuration the default section needs to contain an appropriate line which points to the main configuration section  The default name is openssl conf which is used by the openssl utility  Other applications may use an alternative name such as myapplication conf  All library configuration lines appear in the default section at the start of the configuration file   The configuration section should consist of a set of name value pairs which contain specific module configuration information  The name represents the name of the configuration module  The meaning of the value is module specific  it may  for example  represent a further configuration section containing configuration module specific information  E g     So it appears one must self configure openssl cnf according to your Distinguished Name  DN   along with other entries specific to your use   Here is the template file from which you can generate openssl cnf with your specific entries   One Application actually has a demo installation that includes a demo  cnf file   Additionally  if you need to programmatically access  cnf files  you can include appropriate headers --openssl conf h-- and parse your  cnf files using   CONF modules load file const char  filename  const char  appname                              unsigned long flags     Here are docs for  CONF modules load file

User · Answer

For me on Windows 8  I simply found openssl cnf file and copied it on the C drive  then   openssl req -new -key server key -out server csr -config C  openssl cnf   Worked perfectly

User · Answer

In Windows 10  no need to restart nor run in Administrator s mode but instead set openssl config like so   set OPENSSL CONF C  Program Files  x86  GnuWin32 share openssl cnf   Of course  if you are using GnuWin32

User · Answer

With the GnuWin32 tools I found the openssl cnf under C  gnuwin32 share  set OPENSSL CONF C  gnuwin32 share openssl cnf

User · Answer

You should specify the absolute path to the config  something like this   openssl req -x509 -config  C  OpenSSL-Win64 bin openssl cnf

User · Answer

If you re using Win32 OpenSSL v1 1 0g  setting up this environment variable   set OPENSSL CONF C  OpenSSL-Win32 bin cnf openssl cnf   Before running this command with  server key   successfully creating  server csr    openssl req -new -key server key -out server csr

User · Answer

In my case  I need to set the path of openssl cnf file manually on the command using config option  So the command   openssl req -x509 -config  C  Users sk Downloads openssl-0 9 8k X64 openssl cnf  -newkey rsa 4096 -keyout key pem -out cert pem -nodes -days 900

User · Answer

In windows    Similar scenario    I was facing the same problem But It was during requesting for Certificate Signing Request   I did the below   It Worked for me   Once OpenSSL installed  Ran command prompt as administrator after the system reboot  for the best I did both   run as admin and system reboot   did  1  Error Case   C  OpenSSL-Win64 bin gt openssl req -new -key server key -out server csr   WARNING  can t open config file  C  OpenSSL-Win64 bin openssl cnf AND Unable to load config info from C  OpenSSL-Win64 bin openssl cnf  2  Worked with Warning   C  OpenSSL-Win64 bin gt  openssl req -new -key server key -out server csr -config C  OpenSSL-Win64 bin openssl cfg       Warning message   WARNING  can t open config file  C  OpenSSL-Win64 bin openssl cnf   But prompted me for the Pass Phrase for server key  It worked for me   I referred This link for my assistance    Thank you

User · Answer

For me put variable before calling did the trick   OPENSSL CONF  usr ssl openssl cnf openssl req -new -x509 -key privatekey pem -out publickey cer -days 365

User · Answer

After installing OpenSSL  you need to restart your computer and use Run As Administrator  Then its works

[windows] Unable to load config info from /usr/local/ssl/openssl.cnf on Windows

Examples related to windows

Examples related to openssl

Examples related to public-key-encryption