问题描述
我正在尝试通过Powershell生成SSL证书,并为其使用openssl。 下面是我的代码:
Function new-csr {
[CmdletBinding()]
Param(
$country,#2 please enter char country code
$state,#state
$locality,#city
$org,# organization name
$ou,# orhanization unit name
$cn,# common name hostname
$email,# contact email
$randpath,# path for file
$privateKeyPath,# path to private key
$csrPath # path to certificate signin request (output)
)
# if private key has not been created,create one
if(-not (Test-Path $privateKeyPath)){
openssl genrsa -out $privateKeyPath 2048
}
if(-not(Test-Path $randpath)){
openssl rand -out $randpath
}
$subject = "`"/C=$country/ST=$state/L=$locality/O=$org/OU=$ou/CN=$cn`""
openssl req -new -key $privateKeyPath -rand $randpath -subj $subject -out $csrPath
}
尝试在Admin权限下在PowerShell中执行它时。我收到权限被拒绝的错误。 我的猜测是这可能是由于.cnf文件位于Program Files下。所以我应该尝试卸载PowerShell并再次在Program Files文件夹之外重新安装吗?
无法打开C:\ Program Files \ OpenSSL-Win64 \ bin \ cnf进行读取,权限被拒绝 9604:错误:02001005:系统库:fopen:输入/输出错误:crypto \ bio \ bss_file.c:69:fopen('C:\ Program Files \ OpenSSL-Win64 \ bin \ cnf','rb') 9604:错误:2006D002:BIO例程:BIO_new_file:系统lib:crypto \ bio \ bss_file.c:78: 9604:错误:0E078002:配置文件例程:def_load:系统lib:crypto \ conf \ conf_def.c:170: 9604:错误:02001005:系统库:fopen:输入/输出错误:crypto \ bio \ bss_file.c:69:fopen('C:\ Program Files \ OpenSSL-Win64 \ bin \ cnf','r') 9604:错误:2006D002:BIO例程:BIO_new_file:系统lib:crypto \ bio \ bss_file.c:78:
Environmentvariable:路径为 C:\ Program Files \ OpenSSL-Win64 \ bin
UserVariable as OPENSSL_CONF = C:\ Program Files \ OpenSSL-Win64 \ bin \ cnf
解决方法
我发现了问题。问题是,如果您使用的是公司笔记本电脑或VPN。很可能您将在访问Program Files文件夹中的文件时遇到权限问题。
我卸载了OpenSSL,并将其重新安装在Program Files文件夹之外。确保将其安装在Program Files之外。
这对我有用。我可以创建CSR。