在自签CA证书时一直提示出错:

[root@master.mysql.com ssl]# openssl ca -in master.csr -out master.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
ERROR:Serial number 01 has already been issued,
      check the database/serial_file for corruption
The matching entry has the following details
Type  :Valid
Expires on    :160802074104Z
Serial Number :01
File name     :unknown
Subject Name  :/C=CN/ST=Henan/O=Companyname/OU=Linuxer/CN=www.example.com/emailAddress=webadmin@example.com


解决方法:

[root@master.mysql.com CA]# echo 02 > serial
[root@master.mysql.com ssl]# openssl ca -in master.csr -out master.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 2 (0x2)
        Validity
            Not Before: Sep  4 02:27:33 2015 GMT
            Not After : Sep  3 02:27:33 2016 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = Henan
            organizationName          = Companyname
            organizationalUnitName    = Linuxer
            commonName                = master.mysql.com
            emailAddress              = master@mysql.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                CC:E8:58:B9:82:A9:BA:9D:B7:50:C5:53:2A:68:08:CE:9C:4F:05:E0
            X509v3 Authority Key Identifier: 
                keyid:91:0B:59:72:B0:9F:5E:69:EA:E6:FF:7D:A9:E1:14:F1:B7:DE:F5:8C
Certificate is to be certified until Sep  3 02:27:33 2016 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

原因是由于原先做实验时由于01签署的是https协议,故无法正常签署。