since 5th of july openssl has offical released the 0.9.8 series if you gonna use this with openca 0.9.2x there are a few things to keep in mind:
if you have enabled functionality to have mulitple certificates with the same subject this will couses conflicts, since the 0.9.7 didn't officially suport it, there where only some patches (from micha for 0.9.7c and some people modified it for e i think) out, which may use a slightly different way to do it the changelog of openssl says: http://www.openssl.org/news/changelog.html *) Make it possible to have multiple active certificates with the same subject in the CA index file. This is done only if the keyword 'unique_subject' is set to 'no' in the main CA section (default if 'CA_default') of the configuration file. The value is saved with the database itself in a separate index attribute file, named like the index file with '.attr' appended to the name. [Richard Levitte] so this isn't tested and confirmed working with openca yet if you need this feature please stay with 0.9.7 of openssl series for the moment, since there may be other possible problems some more of maybe interesting features now available from the changelog: *) Generate muti valued AVAs using '+' notation in config files for req and dirName. [Steve Henson] *) Support for nameConstraints certificate extension. [Steve Henson] *) Support for policyConstraints certificate extension. [Steve Henson] *) Support for policyMappings certificate extension. [Steve Henson] greetings dalini ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ OpenCA-Devel mailing list OpenCA-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-devel
