Hi, I'm developing a CMS - OpenCA interface for the automatic
issuance of certificates, hoping it can be useful to the project.
The scenario is a SubCA/RA combined server that exposes a service
similar to SCEP (I've started with the
/OPENCA/lib/cmds/scepPKIOperation script as a base).
I've succeded in storing and approving the CSR in the system from the
RA side. Now the problem is the issue of the certificate, in
particular with the line:
my $cert = libIssueCertificate (KEY => $new_serial, DATATYPE =>
"APPROVED_REQUEST");
this function shows always a form that asks for the CA password. I've
inspected other scripts and found something for the Token of the CA.
So I've inserted something like this before making the call to
libIssueCertificate:
our $ca_token = $crypto_layer->getToken ('CA');
but the form always appear, so I've inserset
our $ca_token = $crypto_layer->getToken ('CA');
$ca_token->login if (not $ca_token->keyOnline);
but the problem is the same. How can I resolve this problem ? (if it's
possible to resolve it). I want also to make a general routine that
works also in the presence of an HSM (this is the scenario that I
seek, but now the CA certificate is a standard certificate saved on
the server with it's own password (the same asked from OpenCA in the
form)).
Thanks for the help, bye
--
Diego de Felice
-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput
a projector? How fast can you ride your desk chair down the office luge track?
If you want to score the big prize, get to know the little guy.
Play to win an NEC 61" plasma display: http://www.necitguy.com/?r
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel
