RE: [OpenCA-Devel] IE CSR generation fails with UID

Mon, 27 Mar 2006 09:39:10 -0800 


Hello

In your pub.conf.template file do the following


Edit this line 

DN_TYPE_IE_ELEMENTS "0.9.2342.19200300.100.1.1" "CN" "blah" "blah"
Then run the 

$OPENCA/configure.sh
Then restart the openca server

You  see this number is you oid for the UID attribute


Hope this help

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:openca-devel-
> [EMAIL PROTECTED] On Behalf Of Francisco Javier Martinez
> Martinez
> Sent: Monday, March 27, 2006 7:58 AM
> To: openca-devel@lists.sourceforge.net
> Subject: [OpenCA-Devel] IE CSR generation fails with UID
> 
> Hello.
> 
> Currently I am installing a testing PKI  OpenCA 0.9.2.4 in a CentOS
box, I
> had to issue certificates with the following subject: UID  + OU + DC
+DC.
> Because our LDAP server had this schema.
> 
> I had modified the pub.conf file to achieve this and  I had
sucessfully
> issue CSR, sign CSR, and publish certificates for 'basic' and 'SPKAC'
> requests, but when I tried to issue CSR for IE, it always fails in the
CSR
> generation or I wonder that colud be in the client-side key
generation,
> it
> is M$ and never is clear what happens inside the box, the only message
> that
> I saw is a message box provided by the openca file 'ieCSR.vbs' telling
me
> that the pkcs10 issue had fail. I had browser this lists and openca
users
> lists and I had found similar requests for help, but nothing clear or
> update, I am using in the client side Windows 2000 + IE 6.0.28 +
capicom
> 
> I had read that UID is not supported with MS, is it true?
> 
> http://www.mail-archive.com/openca-
> [EMAIL PROTECTED]/msg07928.html
> 
>   if yes , is the some patch or trick to include it?
> For my LDAP schema is mandatory that in the subject of the certificate
> exists the UID attribute.
> 
> Thanks in advance.
> 
> Cheers.
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting
> language
> that extends applications into web and mobile media. Attend the live
> webcast
> and join the prime developer group breaking into this new coding
> territory!
>
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
> _______________________________________________
> OpenCA-Devel mailing list
> OpenCA-Devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-devel


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid0944&bid$1720&dat1642
_______________________________________________
OpenCA-Devel mailing list
OpenCA-Devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-devel

Reply via email to