Possibly relating to bug #60733. First documented in http://forums.gentoo.org/viewtopic.php?t=182240. When I do this: ./CA.pl -sign Using configuration from /etc/ssl/openssl.cnf 11094:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=CA_default name=unique_subject Enter pass phrase for ./demoCA/private/cakey.pem: I can enter the correct pass phrase and the process completes OK. Then I do this: openssl x509 -in newcert.pem -out /etc/stunnel/stunnel.pem And that is fine. When I run stunnel, I get this: 2004.06.05 20:46:04 LOG5[11074:16384]: stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7d 17 Mar 2004 2004.06.05 20:46:04 LOG3[11074:16384]: error stack: 140B3009 : error:140B3009:SSL routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib 2004.06.05 20:46:04 LOG3[11074:16384]: SSL_CTX_use_RSAPrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
Where do you get ./CA.pl from? What directory are you in? Some errors with x509 can come from entries being invalid, such as giving a country string longer that 2 bytes, or null-length common-name etc. Need info would be needed in order to identify your problem. /usr/share/doc/4.05/ca.pl is the closest I can see from stunnel, or /etc/ssl/misc/CA.pl from the openssl package itself.
Are you still having this problem?
Please let me know! :)
Yes, nothing has changed.
Can you try the 4.09 version in portage? I just committed that today.
