Konstantinos Agouros wrote:
>
> Hi,
>
> either I am doing something wrong or the verification of the RA-Operator-Signa-
> ture on the CA does not work.
>
> I tried to upgrade to the latest SNAP and after reconfiguring the overwritten
> configfiles I am in the situation, where I have the RA-Working (it looks that
> way, I can approve a request and it seems it is signed. After calling
> perl -d ca I found that the openca-verify seems to fail with a 'can't get
> local issuer certificate' I checked the ca-file-path and it seems correct.
>
> Somebody got a clue?
the verify procedure involves two steps:
1. Parsing the signature and getting the certificate from the DB.
2. using the "openca-verify" command to verify the signature.
It seems like your problem is tied to the first step. Check if:
1. You have the chain/ dir updated, if not use the "Rebuild Chani"
command
2. The CA certificate (cacert.pem) is present in the RAServer dir
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.openca.org Tel.: +39 (0)59 270 094
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
S/MIME Cryptographic Signature
