On Fri, Mar 25, 2005 at 04:13:38PM +0100, Ives Steglich wrote: > Date: Fri, 25 Mar 2005 16:13:38 +0100 > From: Ives Steglich <[EMAIL PROTECTED]> > Subject: Re: [OpenCA-Devel] CA Certificate serial number. > > Alexei Chetroi wrote: [snip] > > > >> I've tried to issue certificate for the RA admin. It fails with: > >>Error 6761 > >>General Error Error while issuing Certificate to RA Administrator > >>(filename: /var/lib/openca/tmp/b6aeb51cd84562f3.req). > >>OpenCA::OpenSSL returns errocode 7731001 > >>(OpenCA::OpenSSL->issueCert: Cannot create X500::DN-object.). > > > > > > Fixed that too. Now DBD fails: > > yeah, since this isn't an integer field anymore ;) > so we must change dbd interface for this tooo... Why? Now serial is a really big integer :) I've checked postgres, sqlite and oracle. Postgres and sqlite supports NUMERIC types, Oracle supports NUMBER. MySQL supports BIGINT only :(
> > maybe we leave this to the new version? > it would mean a lot of changes not? We may leave it for the next version, in that case openca-0.9.2.2 isn't fully functional on Debian, unless we'll use crypto/serial for the serial of CA certificate. And I cannot be really sure, but I don't think there are a lot of changes. We have to change only code which treats serial as integer involving comparing of two serials. Wherever serial is used as KEY it's ok. I wonder if I'm the only person bitten by this problem. People, what serial number you CA certificate has? Maybe this problem is specific to Debian or my setup only? And I'm not sure about sorting. Does OpenCA sort things at database backend or by itself? > and we would need a converter for the dbd-files too > for the sql tables the same i think... We need change data definition in the OpenCA::DBI and if this is a working setup, alter column type of certificate table. ca_cert_key is already of text type. And I really want to know which programs work without any problems with serials bigger than long int. Best wishes -- Alexei Chetroi Smile... Tomorrow will be worse. (c) Murphy's Law ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ OpenCA-Devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-devel
