Which automake package you have installed? I have automake1.7 and don't remember any errors.
I'd been using automake 1.4 when I was writing previous message, now I linked /etc/alternatives/automake to 1.9, and I have the same: [...] cd src/scep; aclocal -I . -I build aclocal: configure.in: 71: macro `AM_PROG_LIBTOOL' not found in library make[2]: *** [auto-scep] Error 1 make[2]: Leaving directory `/root/OCA/openca-0.9.2.1' make[1]: *** [force-auto-files] Error 2 make[1]: Leaving directory `/root/OCA/openca-0.9.2.1' make: *** [config.status] Error 2 [...]
versions: ltmain.sh (GNU libtool 1.1467 2004/04/01 04:43:56) 1.5a autoconf (GNU Autoconf) 2.59 automake (GNU automake) 1.9.5 (gcc is 3.3.5, regarding with scep)
debian/rules after applying patch has no execute permission.
However I tried creating packages with openca-0.9.2.1.tar.gz from
main site download section, and from openca-0.9 (openca_0_9_2_1) from cvs checkout as already mentioned by Ives as "bugfixed version".
cvs head - in the meantime try this:
cvs checkout -P -r openca_0_9_2_1 openca-0.9
Anyway packages are build finally after fixing these above, and configure_etc works without as expected. However I'm still not sure
what about this "node" component - if I install from packages I create,
I have one "node" component, but is it supposed to work with _all_ components with the same config physically? I'd rather expect different
node-management options for ca, ra, pub, ldap..
In old examples and howtos I found there are separate node instances
for each component, even in html guide there's a section entitled
"4.2. How to setup two management interfaces on one server?"
There are also some clues about tuning menu.xml to set up webpage
menu options available for for each component. How does it correspond
with question about one node instance for all online and offline components?
I also noticed, that when I switch from component X to management node,
I need to log on again (this will be probably solved when I switch to
certificate-based authentication to OpenCA pages, instead of setting
keylength to 0).
I hope I'll figure out finally what's all about this management node interface :).
--
Another case is, that it's great that I can create with OpenCA web-accessible certificate authority, with pub, RA and ldap components, and this will be probably useful with one of my linux
installations (in one of companies I work for), however in general I have mainly linux servers / companies, for which I'm aware, that its users are definitely out of basic know-how about certificates, signing, security
etc. What does it mean for me? :) It means, that it will be me, personally, who will take care about their CSRs, about updating CRLs,
and even installing issued certs in their MUAs and browsers :).
So even if CA is web-accessible, I'll be one and only one user of
online pub and ra components :) They refuse to find out anything
about certificates and digital signing, however I'm responsible for
their privacy :>
Short question is, how should I configure OpenCA in this case? I don't
need separate admin for CA, RA, I even don't need RBAC. Anyway I have
about 700 (seven hundred) of users, and I must have certificates and
CSRs in some order, so built-in ca in openssl is not enough :(.
So finally, how should I configure OpenCA/plan PKI in such case?
Regards Piotr
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ OpenCA-Devel mailing list OpenCA-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-devel
