On 13:38 Mon 17 Jul , Martin Bartosch wrote: > Hi, > > > I tried with Java SCEP (http://www.urut.ch/scep/), but I can't succeed > > either. Does anyone have a clue ? > > > > I always have the same error : > > Error 723705 General Error Cannot extract the transaction ID from the > > SCEP message! > > - have you set up the SCEP server certificate properly?
In fact, the SCEP certificate was not on the right server (shame on me). Now, it is on the right server (the CDP) in config.xml. I ran configure_etc.sh and restarted openca. > - SCEP key shall not be protected with a pass phrase (but configure a > dummy passphrase in config.xml!) The private key is not protected by a passphrase, and I put a dummy passphrase in config.xml (I also tried without). > - first try to download the CA certificates using sscep (getca) Now, the problem is entirely different : when I try to download the CA certificate, the SCEP client hang and a "top" on the server shows: PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 22278 apache 25 0 3660 2092 1264 R 98.6 0.8 0:13.62 scep The process never ends and I must kill it. What do you think I should do ? Do you know how to attach a process with a perl debugger ? > - verify that the complete chain is returned by the server > - use the FIRST certificate returned as CA certificate during SCEP > enrollment > > Hope this helps, Thanks for your help. > Martin Nicolas MASSE ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
