[OpenCA-Devel] Strange problem with automatically generated PIN in basic_csr

[Martin Bartosch]

Hi,

some time ago I added a feature to basic_csr that creates a PIN on
the OpenCA system and displays it to the user who has to enter
it for verification in the request form.

So far this works great, but some users complain about sometimes not
being able to get their requested certificates. Verification on the
original request form (basic_csr) works fine, but downloading
cert+key fails.

The symptom looks very much like a mistyped PIN, but the users report
uniformly that it is unlikely that they mistyped the PIN. They
also claim that whenever this happens, there is a special character
to be found in the Pin, most often a / character.

Does anyone have an idea if this could be a problem? I tried to enter
a PIN with a / in a server request and it seems to work without problem,
but this probobly a different story because OpenSSL is not involved.

Perhaps OpenSSL performs some strange escaping on / and other special
characters when creating the RSA key?

Thanks for your help,

Martin



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
OpenCA-Devel mailing list
OpenCA-Devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-devel