This is the error I would get if the service email account wasn't
configured:
Error 690
Configuration Error. You must specify at minimum a mail account for the
CA (SERVICE_MAIL_ACCOUNT)!.
This is something else:
Error 700
General Error. Cannot encrypt PIN-mail! Aborting!
This is what I get in error.log of apache:
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
unknown option -pubkey
req [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-out arg output file
-text text form of request
-noout do not output REQ
-verify verify signature on REQ
-modulus RSA modulus
-nodes don't encrypt the output key
-engine e use engine e, possibly a hardware device
-subject output the request's subject
-passin private key password source
-key file use the private key contained in file
-keyform arg key file format
-keyout arg file to send the key to
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-newkey rsa:bits generate a new RSA key of 'bits' in size
-newkey dsa:file generate a new DSA key, parameters taken from CA in
'file'
-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)
-config file request template file.
-subj arg set or modify request subject
-new new request.
-batch do not ask anything during request generation
-x509 output a x509 structure instead of a cert. req.
-days number of days a certificate generated by -x509 is valid
for.
-set_serial serial number to use for a certificate generated by
-x509.
-newhdr output "NEW" in the header lines
-asn1-kludge Output the 'request' in a format that is wrong but some
CA's
have been reported as requiring
-extensions .. specify certificate extension section (override value in
config file)
-reqexts .. specify request extension section (override value in
config file)
-utf8 input characters are UTF8 (default ASCII)
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
unknown option -pubkey
req [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arg input file
-out arg output file
-text text form of request
-noout do not output REQ
-verify verify signature on REQ
-modulus RSA modulus
-nodes don't encrypt the output key
-engine e use engine e, possibly a hardware device
-subject output the request's subject
-passin private key password source
-key file use the private key contained in file
-keyform arg key file format
-keyout arg file to send the key to
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-newkey rsa:bits generate a new RSA key of 'bits' in size
-newkey dsa:file generate a new DSA key, parameters taken from CA in
'file'
-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)
-config file request template file.
-subj arg set or modify request subject
-new new request.
-batch do not ask anything during request generation
-x509 output a x509 structure instead of a cert. req.
-days number of days a certificate generated by -x509 is valid
for.
-set_serial serial number to use for a certificate generated by
-x509.
-newhdr output "NEW" in the header lines
-asn1-kludge Output the 'request' in a format that is wrong but some
CA's
have been reported as requiring
-extensions .. specify certificate extension section (override value in
config file)
-reqexts .. specify request extension section (override value in
config file)
-utf8 input characters are UTF8 (default ASCII)
Using configuration from /usr/local/OpenCA/etc/openssl/openssl.cnf
Using configuration from
/usr/local/OpenCA/etc/openssl/openssl/CA_Admin.conf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :PRINTABLE:'Ziemowit Pierzycki'
organizationalUnitName:PRINTABLE:'Trustcenter'
organizationName :PRINTABLE:'Teleformix LLC'
countryName :PRINTABLE:'US'
serialNumber :PRINTABLE:'01'
Certificate is to be certified until Apr 19 21:08:36 2003 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
unable to write 'random state'
unable to write 'random state'
General Error Trapped 700: Cannot encrypt PIN-mail! Aborting! at
/usr/local/OpenCA/lib/functions/misc-utils.lib line 38.
Compilation failed in require at /home/httpd/cgi-bin/ca/ca line 193.
Also, I had to create a 'ln -s /home/httpd/htdocs/ca/
/home/httpd/htdocs/ca/ca' link because when I was trying to "issue the
certificate" browser came back with an error that it can't find
'pwd.html' page.
Could all of this be realted?
Chris
On Fri, 2002-04-19 at 11:04, Ziemowit (Chris) Pierzycki wrote:
> Just installed the new snapshot from today and I still get this error:
>
> Error 700
> General Error. Cannot encrypt PIN-mail! Aborting!
>
> Was this a bug or a openssl package problem?
>
> Chris
>
>
> _______________________________________________
> Openca-Users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/openca-users
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
