Hi, I am using a red hat 5 server Red Hat Enterprise Linux Server release 5.3 (Tikanga)
and I would configure Cosign for the CMS Plone in order to create a Single Sing On. I follow the instructions here http://webapps.itcs.umich.edu/cosign/index.php/Cosign_Wiki:Test_install_HOWTO and I found 2 problems: 1) [r...@ictserver certs]# openssl verify -CApath CA/ -purpose sslserver cosignd.crt cosignd.crt: /C=IT/ST=Pisa/O=CNR/OU=SSO/CN=cosignd.local CA error 20 at 0 depth lookup:unable to get local issuer certificate This is the only error I have following the "Certificates generation" instructions. I describe this first problem to give you the complete view of the problem (... and I hope you can help me here too) 2) When I try to star the daemon I get an error usr/local/sbin/cosignd -y /etc/cosign/certs/cosignd.crt -z /etc/cosign/certs/cosignd.key line 15: keyword service takes 5 or 6 args I have deleted the file /etc/cosign/cosign.conf but the error was the same. I do not understand the origin of the error. In order to make cosign I have used the following command ./configure --enable-apache2=/usr/sbin/apxs \ --prefix=/var/lib/cosign \ --sbindir=/usr/sbin \ --mandir=/usr/local/share/man \ --with-filterdb=/var/lib/cosign/filter \ --with-cosigndb=/var/lib/cosign/daemon \ --with-cosignconf=/etc/cosign/cosign.conf \ --with-cosigncadir=/etc/cosign/certs/CA \ --with-cosigncert=/etc/cosign/certs/cert.pem \ --with-cosignkey=/etc/cosign/certs/key.pem In order to generate the certificated I have used the following commands openssl req -new -subj "/C=IT/ST=Pisa/L=Pisa/O=CNR/OU=SSO/CN=Root CA/" \ -x509 -days 365 -keyout demoCA/private/cakey.pem -out demoCA/cacert.pem \ -passout file:pass.txt openssl req -new -subj "/C=IT/ST=Pisa/L=Pisa/O=CNR/OU=SSO/CN=cosignd.local CA/" \ -nodes -keyout "cosignd.key" -out "cosignd.csr" openssl ca -in "cosignd.csr" -out "cosignd.crt" -days 365 -batch -passin file:pass.txt openssl req -new -subj "/C=IT/ST=Pisa/L=Pisa/O=CNR/OU=SSO cgi/CN=cgi-1/" \ -nodes -keyout "cgi.key" -out "cgi.csr" openssl ca -in "cgi.csr" -out "cgi.crt" -days 365 -batch -passin file:pass.txt openssl req -new -subj "/C=IT/ST=Pisa/L=Pisa/O=CNR/OU=SSO mod_cosign/CN=mod_cosign-1/" \ -nodes -keyout "mod_cosign.key" -out "mod_cosign.csr" openssl ca -in "mod_cosign.csr" -out "mod_cosign.crt" -days 365 -batch -passin file:pass.txt Thanks in advance Marco Righi ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
