Hi, I am trying to get SCEP to work. I am trying it with sscep (C implementation) and scepclient (Java implementation).
With sscep I always and immediately get segment violations (sometimes even before data is sent to the server), so it does not seem to be very robust. Getting the CA certificate with sscep works, though. ../sscep enroll -u http://localhost/cgi-bin/scep/scep -c cacert.pem-0 -k local.key -r local.csr -l mycert.pem ../sscep: sending certificate request Segmentation fault On the other hand, the scepclient Java implementation at least sends a request to the OpenCA SCEP server, but fails with an exception. While tracing the problem I found out that the OpenCA SCEP CGI script invokes the scep command, but this command simply outputs its usage screen (the same that is printed if openca-scep -h is called) This usage output is then sent across HTTP to the SCEP client which produces an exception because it does not expect a chunked encoding (and thus a content length of -1). Badly coded client, of course, but what am I doing wrong here? Any ideas? $ java -jar ../dist/scepclient-cmd.jar -logLevel 3 -requestType PKCS -caCertURL file://`pwd`/cacert.pem -privatekey file://`pqd`/local.key -certReq file://`pwd`/local.csr -serverURL http://localhost/cgi-bin/scep/scep -request foo -certificate cert certRequest [...] INFO: opening connection to http://localhost/cgi-bin/scep/scep operation PKIOperation msg [EMAIL PROTECTED] INFO: return code from scep httpd server : 200 DEBUG: getting content handler DEBUG: content type is application/x-pki-message DEBUG: content length is -1 java.lang.NegativeArraySizeException at ch.othello.openscep.internal.ScepHTTPGet.getContent(ScepHTTPGet.java:136) at ch.othello.openscep.ScepClient.post(ScepClient.java:552) at ch.othello.openscep.internal.commands.certRequest.Execute(certRequest.java:885) at ch.othello.openscep.ScepClient.Execute(ScepClient.java:672) at ch.othello.openscep.CmdClient.main(CmdClient.java:424) ERROR: problem connecting to SCEP server INFO: couldn't send request to SCEP server (no HTTP 200!) ch.othello.openscep.ScepError: couldn't send request to SCEP server (http://localhost/cgi-bin/scep/scep) at ch.othello.openscep.internal.commands.certRequest.Execute(certRequest.java:894) at ch.othello.openscep.ScepClient.Execute(ScepClient.java:672) at ch.othello.openscep.CmdClient.main(CmdClient.java:424) Thanks, Martin ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
