WARNING: can't open config file: ./bin/openssl.cnf
Solution 1
Explaining your problem
This error occurs mainly on Windows computers when you are using OpenSSL package or the Windows installer!
The reason is that OpenSSL failed to locate the openssl.cnf file!
Step-by-Step instructions
I will recommend that you do the following (windows only):
-
Open your command prompt as Administrator (few OpenSSL commands opens in random state), thus when OpenSSL tries to write stuff on your disk it fails.
-
Now before you run any OpenSSL command type the following:
set OPENSSL_CONF=c:\[PATH TO YOUR OPENSSL DIRECTORY]\bin\openssl.cfg
- A sample path is:
C:\OpenSSL-Win32\bin\openssl.cfg
. For Windows (x64-bit) useC:\OpenSSL-Win64\bin\openssl.cfg
!
- A sample path is:
After you did this now you are good to go with your OpenSSL stuff. Try openssl version
and the error is gone.
Remember that everytime you open a command prompt you have to run the above command unless you set this as your environment variable.
Solve your problem
Your problem could be:
- You set the environment variable into the folder
OpenSSL_Win64
. It should be maybe inOpenSSL-Win64
! - You forgot maybe to run the command prompt as a Administrator!
- You set the environment variable to the file
openssl.cnf
but it must beopenssl.cfg
!
Helpful sites
Read also:
- WARNING: can’t open config file: /usr/local/ssl/openssl.cnf on Windows 7 (another detailed instructions for your problem)
- How To Add/Edit Environment Variables in Windows 7 (helpful if you want set the environment variables forever on your Windows!)
Solution 2
Manually creating an openssl.cnf file in the correct location can solve the problem.
Here is a file template (edit as needed):
#
# OpenSSL configuration file.
#
# Establish working directory.
dir = .
[ ca ]
default_ca = CA_default
[ CA_default ]
serial = $dir/serial
database = $dir/certindex.txt
new_certs_dir = $dir/certs
certificate = $dir/cacert.pem
private_key = $dir/private/cakey.pem
default_days = 365
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
default_bits = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ req_distinguished_name ]
# Variable name Prompt string
#------------------------- ----------------------------------
0.organizationName = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress = Email Address
emailAddress_max = 40
localityName = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
commonName = Common Name (hostname, IP, or your name)
commonName_max = 64
# Default values for the above, for consistency and less typing.
# Variable name Value
#------------------------ ------------------------------
0.organizationName_default = My Company
localityName_default = My Town
stateOrProvinceName_default = State or Providence
countryName_default = US
[ v3_ca ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
[ v3_req ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
Somnath
Updated on February 07, 2020Comments
-
Somnath about 4 years
makecert
and press enter then this error occurs.
I tried with solutions provided but that not worked for me.
ex: set OPENSSL_CONF=c:/OpenSSL_Win64/bin/openssl.cnf
<pre>WARNING: can't open config file: ./bin/openssl.cnf Unable to load config info from ./bin/openssl.cnf WARNING: can't open config file: ./bin/openssl.cnf Error opening Private Key privkey.pem 5344:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\ bss_file.c:398:fopen('privkey.pem','rb') 5344:error:20074002:BIO routines:FILE_CTRL:system lib:.\crypto\bio\bss_file.c:40 0: unable to load Private Key WARNING: can't open config file: ./bin/openssl.cnf Loading 'screen' into random state - done server.csr: No such file or directory Could Not Find C:\xampp\apache\.rnd Could Not Find C:\xampp\apache\privkey.pem Could Not Find C:\xampp\apache\server.csr The system cannot find the file specified. The system cannot find the file specified. ----- Das Zertifikat wurde erstellt. The certificate was provided.</pre>
-
Dr. Hilarius over 6 yearsThanks for this! I installed the 64-bit version but had copied the SET command from someone who installed the 32-bit, so it was the wrong file path.
-
Manza over 4 yearsdoesnt seem to be working (updated into right path)