I'm currently setting up an openca-0.9.2 RC2 test installation with all components on one machine, running Suse linux 9.0.
The installation worked fine, except that it was unable to sign any CSR. The error msg in the web page was
Error 6761
General Error. Error while signing Role of test user2 (_filename: /usr/local/openca/var/tmp/12.sig).
OpenCA::OpenSSL returns errorcode 7743071 (OpenCA::OpenSSL->sign: openca-sign failed (-1).)..
After long hours of testing and strace-ing I found an execve
on /usr/bin/openca-sv failing with "file not found".
make install puts openca-sv into /usr/local/bin. A symlink to /usr/bin enables the signing process.
Did I do something wrong during installation or might this be a bug?
You do nothing wrong. It looks like our default configuration does not match exactly the installation. I checked token.xml, config.xml and the Makefile of src/openca-sv/src/. The makefile in src/openca-sv/src installs the new binary to @bindir@ which is in fact @exec_prefix@/bin but @prefix@/bin/openca-sv was configured in token.xml. I changed the paths in token.xml to @EXEC_PREFIX@/bin/openca-sv (I did this for node.conf too). EXEC_PREFIX is a hack in configure.in to get a real path and not something like ${prefix}. The problem should be fixed with RC4.
Would it be possible to improve error handling by simply
reporting things like missing files instead of generating
confusing "general errors"? Not to be missunderstood I appreaciate the developers work
on OpenCA, but it took me really a long time to track this
down.
If we know a specific error then we can check for this error. So now we know this error and I added the appropriate errordetection code to OpenSSL.pm. 0.9.2 RC4 will include this code.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
