Ubuntu
openssl package

  1. Bug #6761
  2. Comment #3

Comment 3 for bug 6761

Revision history for this message
In , Wichert Akkerman (wichert) wrote : Renewing certs does not work

severity 176062 serious
thanks

This bug still seems to be present and it is preventing me from renewing
the cert for Alioth:

[tornado;~/spi/CA]-113> openssl ca -out newcert.pem -infiles alioth.debian.org.csr
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./CA/private/cakey.pem:
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'US'
stateOrProvinceName :PRINTABLE:'Indiana'
localityName :PRINTABLE:'Indianapolis'
organizationName :PRINTABLE:'Software in the Public Interest'
organizationalUnitName:PRINTABLE:'Debian'
commonName :PRINTABLE:'alioth.debian.org'
emailAddress :IA5STRING:'<email address hidden>'
Certificate is to be certified until Apr 9 11:03:40 2005 GMT (365 days)
Sign the certificate? [y/n]:y
failed to update database
TXT_DB error number 2

All permissions are correct. An strace reveals that openssl is not even
trying to do anything on disk:

write(2, "Sign the certificate? [y/n]:", 28) = 28
getpid() = 8217
getpid() = 8217
fstat64(0, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 1), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001a000
read(0, "y\n", 1024) = 2
getpid() = 8217
getpid() = 8217
open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 6
select(7, [6], NULL, NULL, {0, 10000}) = 1 (in [6], left {0, 10000})
read(6, "[..]", 32) = 32
close(6) = 0
getpid() = 8217
getpid() = 8217
getuid32() = 1000
getpid() = 8217
time(NULL) = 1081507779
getpid() = 8217
time([1081507779]) = 1081507779
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217
write(2, "failed to update database\n", 26) = 26
getpid() = 8217
getpid() = 8217
getpid() = 8217
getpid() = 8217

Wichert.

--
Wichert Akkerman <email address hidden> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.