[Pki-users] certutil: unable to generate key(s)
Marc Sauton
msauton at redhat.com
Wed Apr 29 18:42:22 UTC 2009
Marc Sauton wrote:
> Fortunato wrote:
>> Hello,
>>
>> I haven't found information on the topic but it looks like there's a
>> problem with certutil - using IPv4.
>>
>> [root at localhost alias]# certutil -R -k rsa -g 2048 -s
>> "CN=cisco1.localdomain.com" -o cisco1.cert -v 12 -d
>> /var/lib/pki-sub-ca/ -1 -3 -6
>> certutil: unable to generate key(s)
>> : An I/O error occurred during security authorization.
>>
>> Any ideas would be welcome.
>>
>> _______________________________________________
>> Pki-users mailing list
>> Pki-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-users
>>
> May want to tweak the -d option to point to the alias directory
> <path-to-alias-dir>, not just /var/lib/pki-sub-ca/
> M.
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
Side note: the i/o error happens because of the missing NSS db files,
either wrong alias directory with -d, or need a certutil -N -d <path> to
create them.
M.
More information about the Pki-users
mailing list