Michael -
Great! That got me past the "Sign is needed to proceed error."
At first I wasn't able to access the CA Cert from the public server.
<Error Message pca.tcs.tulane.edu/cgi-public/pki?cmd=sendcert>
Error 690
Configuration Error. Can't access CA Certificate!.
</Error Message>
So, I copied the cacert.crt file to a public webpage and accessed it that
way.
Now, the error log for the RA Server shows when I try to approve a
certificate:
<Error Message "Approve Request" from ra-error_log>
Signature OK
Signature OK
Signature OK
Signature OK
Can't call method "getParsed" on an undefined value at
/usr/local/OpenCA/Test/test1/modules/perl5/OpenCA/DBI.pm line 1231.
Compilation failed in require at /usr/local/apache/cgi-ra/RAServer line 197.
Signature OK
Signature OK
Can't call method "getParsed" on an undefined value at
/usr/local/OpenCA/Test/test1/modules/perl5/OpenCA/DBI.pm line 1232.
Compilation failed in require at /usr/local/apache/cgi-ra/RAServer line 197.
</Error Message "Approve Request" from ra-error_log>
<Error Message Displayed>
The Document contained no Data. Try again later, or contact your server's
administrator.
</Error Message Displayed>
<Debug Output>
defining the class parameters
checking the configuration for enough data
preparing the database (vendor dependent)
mysql detected
DB: dbi:mysql:database=openca;host=localhost;port=3306;mysql_ssl=1
connecting to database
try to connect
Checking AutoCommit to be off ...
AutoCommit is off
OpenCA::DBI should now complete
OpenCA::DBI->getItem: ### new function call ###
OpenCA::DBI->getItem: Entering sub getItem
### new function call ###
Entering getArguments
OpenCA::DBI->getArguments: TABLE:REQUEST
OpenCA::DBI->getArguments: MODE:
OpenCA::DBI->getArguments: attribute: KEY
OpenCA::DBI->getArguments: value: 2
OpenCA::DBI->getArguments: attribute: STATUS
OpenCA::DBI->getArguments: value:
OpenCA::DBI->getArguments: attribute: DN
OpenCA::DBI->getArguments: value:
OpenCA::DBI->getArguments: attribute: CN
OpenCA::DBI->getArguments: value:
OpenCA::DBI->getArguments: attribute: EMAIL
OpenCA::DBI->getArguments: value:
OpenCA::DBI->getArguments: attribute: RA
OpenCA::DBI->getArguments: value:
OpenCA::DBI->getArguments: attribute: OPERATOR
OpenCA::DBI->getArguments: value:
OpenCA::DBI->getArguments: attribute: ROLE
OpenCA::DBI->getArguments: value:
OpenCA::DBI->getArguments: attribute: PUBKEY
OpenCA::DBI->getArguments: value:
### new function call ###
Entering getStatus
no status given using datatype: PENDING_REQUEST
given mode is now: "PENDING"
legal status
### leaving function successful ###
OpenCA::DBI->getArguments: status: PENDING
completed successful
### leaving function getArguments ###
OpenCA::DBI->getItem: data complete OpenCA::DBI->getItem: query: select *
from request where (req_key=?) and
(status like 'PENDING')
### new function call ###
Entering sub doQuery
query: select * from request where (req_key=?) and (status like 'PENDING')
bind_values: 2
prepare statement
statement nr.: 1
execute statement
execute succeeded
### leaving function doQuery successfully ###
OpenCA::DBI->getItem: query completed
OpenCA::DBI->getItem: check that there is a non-empty result
OpenCA::DBI->getItem: item returned
### new function call ###
Entering function getResultHash
column:REQUEST_SERIAL
value:2
column:FORMAT
value:SPKAC
column:DATA
value:-----BEGIN HEADER----- TYPE = SPKAC RA = Trustcenter itself SERIAL = 2
OPERATOR = n/a NOTBEFORE
= Wed Jan 23 13:51:45 CST 2002 APPROVED = Fri Feb 1 15:16:23 2002 GMT PIN =
01b307acba4f54f55aafc33bb06bbbf6ca803e9a SUBJ = [EMAIL PROTECTED],
CN=chris crowley, OU=Internet,
O=Tulane University Test CA, C=US SUBJECT_ALT_NAME = [EMAIL PROTECTED]
ROLE = User -----END
HEADER----- EMAIL = [EMAIL PROTECTED] CN = chris crowley 1.OU = Internet O
= Tulane University Test CA C =
US SPKAC =
MIIBRDCBrjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0mZnLtXFwqhC3A8xBbyXYzVT0kQB
iZRYQeIegEii9rz3WrlupW6RgQkIMtvdp7plJ71pVb5RbU9RUYzQ1boOo6g7SDOoPCz8skMMTGdO
XG53ewsqj8Ygikl8m82Z+T62Wo
yaKn4js8RgTxwkxJK2C8GSg5c7l9abe4bszK1q2WsCAwEAARYKMTIzNDU2Nzg5MDANBgkqhkiG9w
0BAQQFAAOBgQCYljmcIbsFL1J32RoZGmYTrwp7I6PX+kdFU6m6VtfJozGoDNjN7/TsTrf86sQSlw
eQLCKmeHQMdQUwpkE+rkcCDAgQ
EVnI0/gBDZiTXQhbZts2W6cogw+pT0zzBYQNEadjsQ0T7mCzmZL9k7zf0F/XTjuKRYhGel2987Yj
meNT+Q==
column:DN
value:[EMAIL PROTECTED], CN=chris crowley, OU=Internet, O=Tulane
University Test CA, C=US
column:CN
value:chris crowley
column:EMAIL
value:[EMAIL PROTECTED]
column:RA
value:Trustcenter itself
column:Operator
value:
column:STATUS
value:PENDING
column:ROLE
value:User
column:PUBKEY
value:-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSZmcu1cXCqELcDzEFvJdjNVPS
RAGJlFhB4h6ASKL2vPdauW6lbpGBCQgy292numUnvWlVvlFtT1FRjNDVug6jqDtI
M6g8LPyyQwxMZ05cbnd7CyqPxiCKSXybzZn5PrZajJoqfiOzxGBPHCTEkrYLwZKD
lzuX1pt7huzMrWrZawIDAQAB
-----END PUBLIC KEY-----
### leaving function getResultHash ###
OpenCA::DBI->getItem: data:
-----BEGIN HEADER----- TYPE = SPKAC RA = Trustcenter itself SERIAL = 2
OPERATOR = n/a NOTBEFORE =
Wed Jan 23 13:51:45 CST 2002 APPROVED = Fri Feb 1 15:16:23 2002 GMT PIN =
01b307acba4f54f55aafc33bb06bbbf6ca803e9a SUBJ = [EMAIL PROTECTED],
CN=chris crowley, OU=Internet,
O=Tulane University Test CA, C=US SUBJECT_ALT_NAME = [EMAIL PROTECTED] RO
</Debug Output>
> Hi,
>
> several people has reported problems with request approval if their
> certificate is present in the browser. I can simulate the message from
> javascript only if the ca-certificate is not present in the browser. So
> please download the ca-certificate from the public gateway before you
> start working with your certificate.
>
> Netscape wants to include the ca-certificate into the PKCS#7-signature.
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
