Thanks for the reply.
Regarding adding IE Certs to LDAP :
At the RA - 'Certificate Requests' and 'Edit Request' : IE Cert requests are being
displayed as :
C=...,
O=...,
OU=...,
CN=...,
emailAddress=...
All Netscape user cert requests and Admin cert requests are displayed as :
emailAddress=...,
CN=...,
OU=...,
O=...,
C=...
Can anything be done here ?
With regards to your solution for 'CA Cert giving an unknown error 65', thank you, and
I will try out installing the latest openca snapshot-20020523 and latest
openssl-snapshot and let you know how it goes.
Thanks
Pramila
-----Original Message-----
From: Michael Bell [mailto:[EMAIL PROTECTED]]
Sent: 23 May 2002 15:34
To: Pramila Rani
Cc: [EMAIL PROTECTED]
Subject: Re: [Openca-Users] Adding certs to LDAP - IE certs failing - dn
conflicts with base dn
Pramila Rani schrieb:
>
> 1. Problems with adding certs :
> >> IE User Cert ia failing because DN of certificate is in reverse order. Does this
>mean, generation of IE certs need to be changed?
If you want to edit the certificate request from IE in which order do
you see the attributes?
emailAddress=
cn= ..
...
c=..
or
c=..
...
emailAddress=...
> >> CA Cert is giving an unknown error 65. How can I upload the CACertificate?
The errorcode means LDAP_OBJECT_CLASS_VIOLATION (see ldap.h). It is the
same bug which affects Robert Hannemann. The script referenced by the
LDAP-interface try to add the CA-certificate like a userCertificate. I
fixed the problem in the newest snapshot (20020523) but I don't publish
a fixed RPM-paket OpenCA-RAServer.
> 2. For each Netscape user cert, there are 2 entries added - one with cert and one
>without cert. I found somebody else having the same problem, but not sure how this
>was resolved?
We must build a correct LDAP-tree. I think the empty entry is the DN
without the last attribute correct? This is normal and not a bug!
> 3. Random State : I saw some mails exchanged regarding 'unable to write random
>state' . I am having this problem still. Should we manually create a .rand file
>anywhere?
I have the same problem but I never found a solution for this.
Regards Michael
--
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany http://www.openca.org
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
