Hi Paolo, > I can assure you that autosscep works correctly with openca. > We use it routinely with at least 30 connections. > The code from sscep has been fixed within. > But of course my comment could be biased.
I just checked out autosscep but did not have much luck with it, either. I get the same SIGSEGV like in sscep. My client is using openssl 0.9.7d. Any ideas? BTW: Merry Christmas to all users on the list! Martin ------------- Configuration file: ------- # Empty AutoSscep configuration file # just fill the value!! ### General option # The directory that contains certificates CertDir = "/home/martin/stuff/src/autoSscep-0.9.28b/tmp/certs" # The directory that contains the private keys KeyDir = "/home/martin/stuff/src/autoSscep-0.9.28b/tmp/private" # The number of expiration days before start enroll DaysBeforeExpire = "2" # The directory that contains the CA's certificates CADir = "/home/martin/stuff/src/autoSscep-0.9.28b/tmp/" # The bits for the modules KeyBits = "1024" # Signature algorithm (md5 or sha1) SigAlgo = "sha1" ### Info e debug option # Possible values: yes or no. Verbose = "yes" Debug = "yes" ECommand ="" ### CAs' data # Define the CAs data # Encryption algorithm: des, 3des or blowfish. Default: des [CA] DN = "xxxxx TLS CA 3" URL = "http://xxxxx/cgi-bin/scep/scep"; CertFile = "cacert-1" EncCertFile = "cacert-0" EncAlgo = "" VHost = "" [/CA] [Certificate] CertFile = "/home/martin/stuff/src/autoSscep-0.9.28b/tmp/newcert" KeyFile = "/home/martin/stuff/src/autoSscep-0.9.28b/tmp/private/key" # cert's CA Data CADN = "xxxxx TLS CA 3" # DN Data Email = "" Country = "" State = "" Location = "" Organization = "" OrgUnit = "" CommonName = "example123.xxxxx.com:1234" [X509v3EXT] key_usage = "" subject_alt_name = "DNS:example123.xxxxx.com" basic_constraints = "" netscape_cert_type = "" extended_key_usage = "" netscape_comment = "" [/X509v3EXT] ReqCommand = "" [/Certificate] -------- Output: ../autosscep: Reading config file host: xxxxx.10.146 port: 80 dir: /cgi-bin/scep/scep ../autosscep: CA cacert-1 error - unsupported algorithm: '', using DES ../autosscep: File '/home/martin/stuff/src/autoSscep-0.9.28b/tmp/cacert-1' opened ../autosscep: File '/home/martin/stuff/src/autoSscep-0.9.28b/tmp/cacert-0' opened ../autosscep: cannot open local file: '/home/martin/stuff/src/autoSscep-0.9.28b/tmp/certs/home/martin/stuff/src/autoSscep-0.9.28b/tmp/newcert' ../autosscep: Checking config file values ../autosscep: Signature algorithm specified: sha1 ../autosscep: starting autoscep, version 0.9.28b 20 September 2004 ../autosscep: Checking certificate -- > /home/martin/stuff/src/autoSscep-0.9.28b/tmp/newcert ../autosscep: Certificate /home/martin/stuff/src/autoSscep-0.9.28b/tmp/newcert is going to expire (or is missing) ../autosscep: Looking for the CA data ../autosscep: CA founded!! ../autosscep: Starting certificate enrollment for -- > /home/martin/stuff/src/autoSscep-0.9.28b/tmp/newcert ../autosscep: New request ../autosscep: cannot open file for writing ../autosscep: ERROR ON WRITING PRIVATE KEY, copy it from here -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQCdIOS3JMPnU3p076Mp6HLeeuD5ebi7kyZNBkAPkzXFSZh68YXP [...] 5xwZgblJsss+syQsxUxJdo33E0lDvz47myR/g67h4lM= -----END RSA PRIVATE KEY----- ../autosscep: Creating request FROM CONFIG FILE DATA data for '/home/martin/stuff/src/autoSscep-0.9.28b/tmp/newcert' ../autosscep: cannot open file for writing ../autosscep: generating selfsigned certificate ../autosscep: sending certificate request ../autosscep: transaction_ID = 207856E7BCE77DCD8FF21E99C13EBAE0 ../autosscep: creating inner PKCS#7 ../autosscep: data payload size: 421 bytes Segmentation fault ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
