https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178512#M5301 <P>,<STRONG>Problem generating Certificate because phassphrase was in blank (CentOs)</STRONG></P> <P>I had a problem with my certificate because I left passphrase in blank, so then I could not generate another certificate or open the current one <span class="lia-unicode-emoji" title=":disappointed_face:">😞</span></P> <P>I tried deleting the cakey.pem from your $dir/CA/private</P> <P>First at all check your openssl.cnf in CentOs is in /etc/pki/tls/openssl.cnf. Check the value dir=xxxxxxx<BR /> Enter in that path (example: /etc/pki/tls/openssl.cnf) and check $dir</P> <P>Enter in $dir (example: /etc/pki/CA) and find /private<BR /> Deletes the key file cakey.pem</P> <P>Now, everything should going back to normally.</P> <P>Try to generate your Certificate again (example: $/etc/pki/tls/misc/CA -newca) and That's it!!!</P> <P>Good luck and I hope this post will be helpful!</P> Wed, 18 Mar 2015 17:56:28 GMT aileencita 2015-03-18T17:56:28Z https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178507#M5296 <P>I just downloaded a new 6.1 copy of Splunk for FreeBSD. After a wget download and running (tar zxvf splunk-6.1.1-207789-freebsd-7.3-amd64.tgz), I felt I was ready to start Splunk. So I ran ( /opt/splunk/bin/splunk start) and this happened &lt; SEE BELOW &gt;.</P> <P>Any ideas of what might be going on with the ca.pem file issue? I recently upgraded openssl to v1.0.1g. Could that be causing me issues? Or is there some step I've overlooked during the install?</P> <P>Thanks,</P> <P>Splunk&gt; Like an F-18, bro.</P> <P>Checking prerequisites...</P> <PRE><CODE> Checking http port [8000]: open Checking mgmt port [8089]: open Checking configuration... Done. Checking critical directories... Done Checking indexes... Validated: _audit _blocksignature _internal _introspection _thefishbucket history main summary Done </CODE></PRE> <P>New certs have been generated in '/opt/splunk/etc/auth'.</P> <PRE><CODE> Checking filesystem compatibility... Done Checking conf files for problems... Done </CODE></PRE> <P>All preliminary checks passed.</P> <P>Starting splunk server daemon (splunkd)...</P> <P>Done</P> <P>Starting splunkweb... Generating certs for splunkweb server</P> <P>Generating a 1024 bit RSA private key</P> <P>.....++++++</P> <P>...........................++++++</P> <P>writing new private key to 'privKeySecure.pem'</P> <HR /> <P>Signature ok</P> <P>subject=/CN=DOMAIN.NAME/O=SplunkUser</P> <P>Error opening CA Certificate ca.pem</P> <P>34377709224:error:02001002:system library:fopen:No such file or <BR /> directory:bss_file.c:398:fopen('ca.pem','r')</P> <P>34377709224:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:</P> <P>unable to load certificate</P> <P>Command failed (ret=1), exiting.</P> Mon, 28 Sep 2020 16:43:27 GMT https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178507#M5296 albyva 2020-09-28T16:43:27Z https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178508#M5297 <P>To Update, it looks like I've narrowed the issue to (openssl).</P> <P>root@:/opt/splunk # /usr/bin/openssl req -new -key FILENAME.pem -out FILENAME.csr<BR /> Error opening Private Key FILENAME.pem<BR /> 34381428392:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('FILENAME.pem','r')<BR /> 34381428392:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:<BR /> unable to load Private Key</P> <P>I also found this helpful link with another having a similar issue: <A href="http://answers.splunk.com/answers/44718/splunkweb-certificates-issue" target="_blank">http://answers.splunk.com/answers/44718/splunkweb-certificates-issue</A></P> Mon, 28 Sep 2020 16:43:30 GMT https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178508#M5297 albyva 2020-09-28T16:43:30Z https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178509#M5298 <P>For some reason, your startup didn't create the ca.pem on first-time run. You might try running <CODE>/opt/splunk/bin/splunk cmd genRootCA.sh</CODE> and see if it will create the file again.</P> Tue, 27 May 2014 01:25:12 GMT https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178509#M5298 gkanapathy 2014-05-27T01:25:12Z https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178510#M5299 <P>It looks like running genRootCA.sh solved my Certificate issues. Thanks. Although it appears splunkweb is failing to kick in. I'll troubleshoot that issue and see if I need to open a new Question.</P> <P>Thanks.</P> <P>.<BR /> .<BR /> .<BR /> New certs have been generated in '/opt/splunk/etc/auth'.<BR /> Checking filesystem compatibility... Done<BR /> Checking conf files for problems...<BR /> Done<BR /> All preliminary checks passed.</P> <P>Starting splunk server daemon (splunkd)...<BR /> Done</P> <P>Starting splunkweb... Error starting splunkweb.</P> Tue, 27 May 2014 13:10:47 GMT https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178510#M5299 albyva 2014-05-27T13:10:47Z https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178511#M5300 <P>You can try <CODE>./splunk createssl web-cert</CODE> to get the splunkweb certificate. If that doesn't work, it may be because the hashed password for the certificate in <CODE>/opt/splunk/etc/system/local/server.conf</CODE> in <CODE>sslKeysFilePassword</CODE> is now wrong after the regeneration. You can replace that with plaintext <CODE>password</CODE> (that's the default password, you can change it with openssl) and Splunk will re-hash it.</P> Tue, 27 May 2014 15:37:21 GMT https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178511#M5300 gkanapathy 2014-05-27T15:37:21Z https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178512#M5301 <P>,<STRONG>Problem generating Certificate because phassphrase was in blank (CentOs)</STRONG></P> <P>I had a problem with my certificate because I left passphrase in blank, so then I could not generate another certificate or open the current one <span class="lia-unicode-emoji" title=":disappointed_face:">😞</span></P> <P>I tried deleting the cakey.pem from your $dir/CA/private</P> <P>First at all check your openssl.cnf in CentOs is in /etc/pki/tls/openssl.cnf. Check the value dir=xxxxxxx<BR /> Enter in that path (example: /etc/pki/tls/openssl.cnf) and check $dir</P> <P>Enter in $dir (example: /etc/pki/CA) and find /private<BR /> Deletes the key file cakey.pem</P> <P>Now, everything should going back to normally.</P> <P>Try to generate your Certificate again (example: $/etc/pki/tls/misc/CA -newca) and That's it!!!</P> <P>Good luck and I hope this post will be helpful!</P> Wed, 18 Mar 2015 17:56:28 GMT https://community.splunk.com/t5/Security/Error-opening-CA-Certificate-ca-pem/m-p/178512#M5301 aileencita 2015-03-18T17:56:28Z