Hello Bahaaldin, I'm sending you the dump you asked me with a certificate issued after the changes you suggested me.
Thanks a lot for your help.
--- "Alamood, Bahaaldin" <[EMAIL PROTECTED]> escribió:
> Johnny,
>
>
>
> Can you get me a database dump of the certificate
> record that you are trying to revoke. I want one
> that you did after you did my suggestion below. I
> would like to look at the header of the certificate.
> Thanks
>
>
>
> Best regards,
>
> Bahaa Al-amood
>
>
>
>
>
> If I follow your suggestions then no PIN will be in
> the header of certificate table, so which method
> should I use to verify the CRIN entered by the
> users? That's my main problem, how to verify the
> CRIN. I tryed using the dgst command from OpenSSL
> but the output is different from what I have in the
> DB, so do you know any other method to verify the
> CRIN?
>
>
>
> Thanks a lot,
>
> Johnny
>
>
>
>
> Bahaaldin Al-amood <[EMAIL PROTECTED]> escribió:
>
>
>
> Johnny,
>
> Can you try to do the following
>
> 1. edit your ca.conf file and make sure that the
> USE_REQUEST_PIN is set to yes
>
> 2. edit
> $PREFIX/OpenCA/lib/functions/crypto-utils.lib and
> replace this
> line $hashed_pin= $csr->getParsed()->{PIN};
> with this line $hashed_pin=
> $csr->getParsed()->{HEADER}->{PIN};
>
> this line is located in sub
> crypto_add_pin_to_header in
> $PREFIX/OpenCA/lib/functions/crypto-utils.lib
>
>
> 3. request a new issue new certificate and try to
> request a revocation
> it. this Should work for you.
>
>
> let us know if it works for you
>
>
> best regards,
> Bahaa Al-amood
>
>
>
>
>
> On Tue, 2005-06-14 at 18:56 +0200, Johnny Gonzalez
> wrote:
> > Hello everybody,
> >
> > This thread is a little different from the other
> I
> > started this week :-)
> >
> > Her e there are some new newbie questions I have.
> >
> > In the command
> >
> > /usr/local/OpenCA/lib/cmds/addCRR
> >
> > when it creates the data to stored in the data
> field
> > of crr in the db there is these lines
> >
> > $text .= "REVOKE_CERTIFICATE_KEY_DIGEST = " .
> > $parsed->{KEY_DIGEST} . "\n";
> >
> > How does it obtains this KEY_DIGEST?
> > The getParsed sub says this:
> >
> > sub getParsed {
> > my $self = shift;
> >
> > return $self->setError (7431011,
> > $self->{gettext}
> > ("OpenCA::X509->getParsed: The certificate was
> not
> > parsed."))
> > if ( not $self->{parsedItem} );
> > return $self->{parsedItem};
> > }
> >
> >
> > Quite interesting but Still I don't understand
> it.
> >
> > Can anyone point how to get that
> > REVOKE_CERTIFICATE_KEY_DIGEST
> >
> > is this a field from the certificate or
> something?
> > th anks a lot,
> > Johnny
> >
> >
> >
> > ______________________________________________
> > Renovamos el Correo Yahoo!
> > Nuevos servicios, más seguridad
> > http://correo.yahoo.es
> >
> >
> >
>
-------------------------------------------------------
> > SF.Net email is sponsored by: Discover Easy Linux
> Migration Strategies
> > from IBM. Find simple to follow Roadmaps,
> straightforward articles,
> > informative Webcasts and more! Get everything you
> need to get up to
> > speed, fast.
>
http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> > _______________________________________________
> > OpenCA-Devel mailing list
> > OpenCA-Devel@lists.sourceforge.net
> >
>
https://lists.sourceforge.net/lists/listinfo/openca-devel
>
> _____
>
>
> Correo Yahoo!
> Comprueba qué es nuevo, aquí
>
<http://us.rd.yahoo.com/mail/es/whatsnew/*http:/es.whatsnew.mail.yahoo.com/>
>
> http://correo.yahoo.es
>
>
______________________________________________
Renovamos el Correo Yahoo!
Nuevos servicios, más seguridad
http://correo.yahoo.es
certDump
Description: 856885543-certDump
