Thanks Chris. I'm not trying to generate self-signed certificates. Instead I'm trying to sign certificate requests generated from other servers.
At any rate, I figured out how to get everything to compile. There were a couple of issues: The XML-Parser contrib module wouldn't compile because it was missing expat. I downloaded expat from sourceforge and tried to compile it and had problems. The fix was kind of silly - I had to change my shell from csh to sh to get it to compile and install. So I installed expat, and the XML-parser contrib module still complained that it was missing expat. I ended up having to go into the src/contrib/tmp directory and specify that the expat library and header files were in /usr/local/lib with "perl Makefile.PL". I then removed the XML-parser module from the src/contrib Makefile. I was then able to compile up until it got to src/modules and tried to compile OpenCA-SV. It wouldn't compile - so I downloaded the latest version of OpenCA-SV and compiled and installed it. I then removed the OpenCA-SV.tar.gz file from src/modules so that the Makefile there wouldn't try to uncompress and compile it. At that point I was able to run "make full-ca" from the top directory without incident. Hopefully someone else can benefit from my experience and install OpenCA-0.8.1 on OpenBSD 3.0 without as many problems as I had. I am used to just typing "configure" and then "make install". On Thu, 28 Mar 2002, Christopher Crowley wrote: > Date: Thu, 28 Mar 2002 16:30:12 -0600 > From: Christopher Crowley <[EMAIL PROTECTED]> > To: Tony Torzillo <[EMAIL PROTECTED]>, > [EMAIL PROTECTED] > Subject: Re: [Openca-Users] Need basic help on compiling and use > > Tony - > > First things first. I want to encourage you to participate. OpenCA is a > great project with a substantial goal, and is well on its way to achieving > it. Having said this, you can do what I think you are trying to do without > using OpenCA. > > HowTos: > http://www.redhat.com/docs/manuals/linux/RHL-7.1-Manual/ref-guide/s1-install > ation-selfsigned.html > > http://www.pseudonym.org/ssl/ssl_ca.html > > > OpenCA is an infrastructure project that is designed to provide a > centralized authority for distribution of certificates to many people, and > for many servers. Only if you need that sort of functionality, is OpenCA > the right project for you. If you need a couple of self-signed certs, > OpenSSL will be sufficiently powerful. Actual deployment involves a lot of > Administrative measures. > > > Chris > > > > ----- Original Message ----- > From: "Tony Torzillo" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, March 28, 2002 3:17 PM > Subject: [Openca-Users] Need basic help on compiling and use > > > > > > I wanted to install OpenCA to solve a particular problem. I want to be > > able to sign digital certificate requests, and don't want to pay Verisign > > or Thawte to sign certificates for what will be an internal use only > > application. I tried doing this with openssl as follows: > > > > I ran the following command on the CA server: > > > > phatbsd# openssl x509 -req -days 365 -in /home/torzillo/home.csr -CA > > /etc/ssl/ca.crt \ > > -CAkey /etc/ssl/private/ca.key -CAcreateserial \ > > -out /home/torzillo/home.crt > > > > Note that I ran this command and it did not generate any error messages. > > However, when I went to look in the directory /home/torzillo, the file > > home.crt did not exist. > > > > phatbsd# ls > > .cshrc .login .mailrc .profile .rhosts home.csr > > > > I am using OpenBSD 3.0, with OpenSSL 0.9.6b [engine] 9 Jul 2001. > > > > I tried installing OpenCA version 0.8.1 and had some problems getting it > > to compile on OpenBSD. I'd like to know if anyone has successfully > > compiled OpenCA 0.8.1 on OpenBSD 3.0 and if so if you have any tips for > > helping me to get it to compile. If there is another operating system > > that I could use (Redhat Linux?) then I am perfectly willing to build > > another system and try that to get this to work. > > > > I'm at my wits end with trying to get this installed, and was hoping > > someone could take pity on me and give me some pointers. > > > > My other question is fairly basic - can I accomplish what I am trying to > > do with openssl without even installing OpenCA? I feel like I am using a > > nuclear flyswatter. I was thinking about upgrading to OpenSSL 0.9.6c, and > > using the ca.pl script for this. I would however like to use OpenCA if > > possible, because I like the idea of being able to use the CGI scripts to > > do this with a web UI. > > > > Thanks, > > > > Tony > > > > > > > > > > _______________________________________________ > > Openca-Users mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/openca-users > > > > _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
