Error while creating a CSR

Question

During the creation of self-signed certificate using OpenSSL command line tool, i'm encountered with an error

First I created a private key

openssl genrsa -out MyKey1.key 2048

While creating a CSR i'm getting an error

openssl req -new -out MyCert1.req -key MyKey1.key -subj /CN=Description of the Server

Error is

problem creating object tsa-policy1=1.2.3.4.1

5364:error:08064066:object identifier routines:OBJ_create:pid exists:crypto\objects\obj_dat.c:689:

Is there something i'm missing here ?

What version do you use? The error is interesting since it does not have much to do with ts module. Seems like it read the value from `openssl.cnf` but I don't see why. By the way, dont you miss quotation marks here: `-subj "/CN=Description of the Server"`? — Marek Klein, Jan 19 '17 at 14:30
The Version is 1.0.1 Lite. I did have the quotation, missed it while adding it here. — g90uagk, Jan 19 '17 at 15:08

score 13 · Answer 1 · answered Oct 30 '18 at 10:21

13

Close the current cmd window and open new cmd window.
Continue from the second "req" step.

answered Oct 30 '18 at 10:21

kumar

130
1
7

1

worked for me. I think this is a big bug which should be solved by the developing team. – yogihosting May 10 '20 at 17:49

score 3 · Answer 2 · answered Oct 25 '17 at 16:23

3

I had this same problem while creating a self signed certificate... setting these two environment variables fixed it!

set RANDFILE=c:\demo\.rnd
set OPENSSL_CONF=C:\OpenSSL-Win32\bin\openssl.cfg

I found the solution in this blog post

answered Oct 25 '17 at 16:23

j0zeft

597
2
10
29

score 0 · Answer 3 · answered Aug 29 '18 at 08:59

0

I had the same issue when creating client certificate request on Windows platform. Run application as Administrator solves the problem.

answered Aug 29 '18 at 08:59

Karen Tazayan

126
4

score 0 · Answer 4 · answered Dec 28 '20 at 21:38

0

In my situation, I changed the administrator password while I was working so CMD lost the privileges. I closed the current CMD window and opened again

answered Dec 28 '20 at 21:38

metgio

11

Welcome to Stack Overflow and thank you for your attempted answer. However, it should be noted that your answer is pretty much a duplicate of the top voted answer. The *reason* why yours failed may be different (which could warrant a *comment* when you have enough rep), but the step you took to resolve it is exactly the same as noted in the top-voted-answer. – NotTheDr01ds Dec 28 '20 at 22:01

score 0 · Answer 5 · answered Jan 18 '21 at 09:55

Look into the openssl.cnf file for this section:

# Policies used by the TSA examples.

tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7

Comment or remove the tsa_policyX lines, save the configuration file and launch the command again.

Error while creating a CSR

5 Answers5