OpenSSL produces many error messages which can appear cryptic at times. This topic does not explain all the OpenSSL error messages, but it provides some guidance on how to interpret the messages.
Here is a typical OpenSSL error message that is caused by trying to process a file that does not contain the correct type of data for the supplied command:
openssl dsa -in srvkey.pem -out keyout.pem read DSA key Enter PEM pass phrase: unable to load Key 2588:error:06078081:digital envelope routines:EVP_PKEY_get1_DSA:expecting a dsa key:.\crypto\evp\p_lib.c:241:
The structure breaks down as follows:
Within each code layer specific location information is provided about what status was generated, within which source module and guidance as to the parameter that caused the error.
The important information is usually found in the final line. In this case, the text expecting a dsa key indicates the cause of the failure. The supplied input file exists but does not contain data appropriate for the command that was specified.
The OpenSSL Web site www.openssl.org has several relevant sections, in particular the HOW TO sections.
See OpenSSL Configuration File for more information.