Hi to all, during some stress test on my new CMS interface with the
CA, I've noticed that OpenCA has some issues with parallel requests.
On ML I've found some similar discussion, that suggested using locks
on files, but this doesn't resolve the problem. In particular I have 2
errors, randomically. The first is by OpenSSL:
ERROR 6761 Error while issuing Certificate to DIQJCNBUBI (filename:
/home/openca-installed/var/tmp/079A.req). <br><br>
OpenCA::OpenSSL returns errocode 7731075 (OpenCA::OpenSSL->issueCert:
OpenSSL fails (7777067). Using configuration from
/home/openca-installed/etc/openssl/openssl/User.conf
engine "LunaCA3" set.
DEBUG[load_index]: unique_subject = "yes"
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'IT'
stateOrProvinceName :PRINTABLE:'Rome'
localityName :PRINTABLE:'Rome'
organizationName :PRINTABLE:'PKI-FF'
organizationalUnitName:PRINTABLE:'SGAUS'
commonName :PRINTABLE:'DIQJCNBUBI'
Certificate is to be certified until Jul 21 16:16:28 2006 GMT (365 days)
failed to update database
TXT_DB error number 2
error in ca
).
note the "TXT_DB error number 2", this is by OpenSSL. Any idea on this
? I've used
###############################
## Critical section
##
if( not open( LOCKFILE, ">>".getRequired("LockFile")) ) {
$errno = 80003;
$errval = gettext( "Cannot open lockfile." );
return -1;
}
flock(LOCKFILE, LOCK_EX);
##
..........
##
flock(LOCKFILE, LOCK_UN);
close LOCKFILE;
##
## End Critical section
###############################
but the problem is only attenuated.
The other error is very strange:
Error 700
General Error
The compilation of the command cmdCmsMakeCert failed. Error in
tempfile() using /home/openca-installed/var/tmp/XXXXXXXX: Have
exceeded the maximum number of attempts (10) to open temp file/dir at
/home/openca-installed/perl5/i386-linux-thread-multi/OpenCA/OpenSSL/SMIME.pm
line 85
N.B: cmdCmsMakeCert is my command in lib/cmds/
This is something strange, because it refers to SMIME. Any idea also on this ?
--
Diego de Felice
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id�492&op=click
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel
