Home / ubuntu / Questions / 1176464
Accepted
m0ng00se
Asked: 2019-09-25 18:07:50 +0800 CST

ubuntu-core 18 Certificate authority - mkdir: cannot create directory /etc/ssl/CA

  • 772

Im following this tutorial https://help.ubuntu.com/lts/serverguide/certificates-and-security.html#creating-a-self-signed-certificate this works fine in ubuntu 18 but not in ubuntu-core 18.

Im trying to create a CA to sign certs for etcd cluster but receive error cannot create directory read only file system. 

user@core-1:~$ sudo mkdir /etc/ssl/CA
mkdir: cannot create directory ‘/etc/ssl/CA’: Read-only file system

Question: Where should the CA be created or how should it be created ?

server ssl ubuntu-core openssl

2 Answers

  1. Linux marks a filesystem as read-only when it discovers errors in the filesystem during mounting.

    • Run Ubuntu Live CD and performed a disk check from there

    If the error still persist, you can proceeded with the following solution:

    • Reboot and select the "recovery mode" kernel from the grub menu. (If you don't see this menu, hold down shift during boot.) You'll end up at a menu; choose the "root shell" option.

    Now it's time to cut-and-paste

    mount -n -o remount,rw / 
touch /forcefsck
shutdown -r now
    • 0
  2. Best Answer

    Creating CA in etc/ssl is not yet possible in ubuntu-core, its possible at the app level, not system level. This link from snapcraft forum explains https://forum.snapcraft.io/t/extending-system-certificates/114

    • 0