Hello Bahaaldin
Thanks for you answer, but I have a problem
If I follow your suggestions then no PIN will be in the header of certificate table, so which method should I use to verify the CRIN entered by the users? That's my main problem, how to verify the CRIN. I tryed using the dgst command from OpenSSL but the output is different from what I have in the DB, so do you know any other method to verify the CRIN?
Thanks a lot,
Johnny
Bahaaldin Al-amood <[EMAIL PROTECTED]> escribió:
Johnny,
Can you try to do the following
1. edit your ca.conf file and make sure that the
USE_REQUEST_PIN is set to yes
2. edit $PREFIX/OpenCA/lib/functions/crypto-utils.lib and replace this
line $hashed_pin= $csr->getParsed()->{PIN};
with this line $hashed_pin= $csr->getParsed()->{HEADER}->{PIN};
this line is located in sub crypto_add_pin_to_header in
$PREFIX/OpenCA/lib/functions/crypto-utils.lib
3. request a new issue new certificate and try to request a revocation
it. this Should work for you.
let us know if it works for you
best regards,
Bahaa Al-amood
On Tue, 2005-06-14 at 18:56 +0200, Johnny Gonzalez wrote:
> Hello everybody,
>
> This thread is a little different from the other I
> started this week :-)
>
> Her e there are some new newbie questions I have.
>
> In the command
>
> /usr/local/OpenCA/lib/cmds/addCRR
>
> when it creates the data to stored in the data field
> of crr in the db there is these lines
>
> $text .= "REVOKE_CERTIFICATE_KEY_DIGEST = " .
> $parsed->{KEY_DIGEST} . "\n";
>
> How does it obtains this KEY_DIGEST?
> The getParsed sub says this:
>
> sub getParsed {
> my $self = shift;
>
> return $self->setError (7431011,
> $self->{gettext}
> ("OpenCA::X509->getParsed: The certificate was not
> parsed."))
> if ( not $self->{parsedItem} );
> return $self->{parsedItem};
> }
>
>
> Quite interesting but Still I don't understand it.
>
> Can anyone point how to get that
> REVOKE_CERTIFICATE_KEY_DIGEST
>
> is this a field from the certificate or something?
> th anks a lot,
> Johnny
>
>
>
> ______________________________________________
> Renovamos el Correo Yahoo!
> Nuevos servicios, más seguridad
> http://correo.yahoo.es
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> OpenCA-Devel mailing list
> OpenCA-Devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-devel
Correo Yahoo!
Comprueba qué es nuevo, aquí
http://correo.yahoo.es
