Hi, in my test environment I have some certificates that were "approved without signing" by the RA admin and issued by the CA. Of course these certs do not contain a signature on the cert's role in the database.
However, if I try to access the cert from the certificate overview list, I get the following error: OpenCA: General error trapped 6295030: Invalid signature of the role of the user 23. (Hackers on the Road?) The errorcode from the cryptoshell is 7742075. OpenCA::OpenSSL->verify: openca-sv failed. [Error]: error:0906D06C:PEM routines:PEM_read_bio:no start line<br> Compilation failed in require at /usr/local/openca-0.9.2/etc/openca_start line 62. This prevents such certificates from being displayed or even revoked. I found a dirty workaround to get rid of these certs by temporarily replacing the openca-sv binary with a dummy binary that always returns true :-) But I think the system should be able to handle this condition, the cert should be displayable even if no sig is attached. And the cert should also be revokable by RA and CA operator, shouldn't it? Martin ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel