Good afternoon I'm having a problem trying to generate RSA keys, I'm running in cmd as administrator in Windows 10. Step to detail.
The first step is to create the private key pair (cakey.pem) and public key (cacert.pem) of our CA using the RSA algorithm (since DSA only serves to sign). A bit length (2048) is chosen according to the security that a CA needs.
The private key pair (clientkey.pem) and CSR (client.cert.req) that will be sent to the CA are created for the Client (CSR stands for Certificate Signing Request or request for certificate signing).
From the Client's CSR (client.cert.req), a signed X509 certificate (version 3) is created with the private key of the CA (clientcert.pem).
3. openssl ca -days 3650 -in client \ csr \ client.cert.req -out client \ signed \ clientcert.pem -config openssl.cfg
Finally, the client's private key (clientkey.pem) and its certificate issued by the CA (clientcert.pem) are exported to PKCS # 12 (client.p12).
4. openssl pkcs12 -export -out client \ client.p12 -inkey client \ private \ clientkey.pem -in client \ signed \ clientcert.pem
The problem arises in point three where I have the following error: C: \ OpenSSL \ bin> openssl ca -days 3650 -in client \ csr \ client.cert.req -out client \ signed \ clientcert.pem -config openssl.cnf Using configuration from openssl.cnf Error opening CA private key ./demoCA/private/cakey.pem 13172: error: 02001003: system library: fopen: No such process: bss_file.c: 402: fopen ('./ demoCA / private / cakey.pem', 'rb') 13172: error: 20074002: BIO routines: FILE_CTRL: system lib: bss_file.c: 404: unable to load CA private key
I thank you infinitely Greetings from Uruguay