Hi I've such problem. Installed openca 0.9.2 Installed openssl-0.9.7
Configured openssl and openca. Right know when i'm starting openca i have to login to Luna so this is fine. Right now i have a problem witch is: Generate new CA secret key (from openca menu) <- schould i create it if my secret key is on LunaCa3 ? Anyway i'm creating it and it is in DER format,but couldn't be read in any way /usr/luna_ssl/bin/openssl rsa -engine LunaCA3 -inform DER -in /usr/local/pki/var/crypto/keys/cakey.pem -text ofcourse i'm login in this session to Luna and have initialized token. engine "LunaCA3" set. unable to load Private Key 1679:error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag:a_set.c:179: 1679:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:939: 1679:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:304:Type=RSA 1679:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:96: If i try to read it as a PEM i got inform that there is iqmp missing. And also when trying to do req (from openca Administrative) i also got error. First i'm executing this command from web req -new -config /usr/local/pki/etc/openssl/openssl.cnf -subj "/C=PL/O=BLA/OU=Pixel Technology/CN=BLE/[EMAIL PROTECTED]" -engine LunaCA3 -keyform PEM -key /usr/local/pki/var/crypto/keys/cakey.pem -out /usr/local/pki/var/crypto/reqs/careq.pem and got this error OpenCA::OpenSSL->genReq: Cannot execute command (7777067). engine "LunaCA3" set. unable to load Private Key 1928:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field missing:tasn_dec.c:391:Field=iqmp, Type=RSA 1928:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:96: 1928:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_pkey.c:117: error in req I've try to google something without success. Waiting for help. Rastlin
signature.asc
Description: This is a digitally signed message part
