> Kristof Vandermeersch wrote:
>
> Hi Massimiliano,
>
Hi,
> I have a question:
>
> I already have a Root CA (Microsoft Software), and now I want to install
> OpenCA and make it work like a sub CA under the Root CA.
>
> Is this possible?
Of course!
> Can you tell me where comes the part that says 'this CA is not a root CA, but
> it is a child of this Root CA'
> Is it in a config file,...?
You don't have to make special configurations, simply you have to import the
CA certificate into the OpenCA CA db, export it to the RAServer and you are
done.
I suggest you to do the following (according to the default configuration):
1. rename the CA certificate file to cacert.pem (need to be PEM
formatted, i.e. -----BEGIN CERTIFICATE-----....
-----END CERTIFICATE-----)
2. do the following:
$ tar cvfp /dev/fd0 cacert.pem
Now you have the cert on the floppy, ready to be imported into
your CA.
3. Use the CA command (initialization) "Import CA Cert..."
4. copy the cacert.pem to the chain directory together with all the
certs from your uplevel CAs (till the Root one). This has to be
done on the CA and on the RAServer.
5. Rebuild the CA chain.
This should be all you need. Also remember to import your CA cert and all
the chain into the Apache configuration dirs and configure it (more on
how to do it on the apache or mod_ssl web site(s)).
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] madwolf at cpan.org
madwolf at openca.org
http://www.openca.org madwolf at hackmasters.net
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
-------------------------------------------------------
This sf.net email is sponsored by: Jabber Inc.
Don't miss the IM event of the season | Special offer for OSDN members!
JabConf 2002, Aug. 20-22, Keystone, CO http://www.jabberconf.com/osdn
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
