Ron Gedye schrieb: > > I gratiously disagree. I used the options > > --with-httpd-fs-prefix=/usr/local/apache > --with-htdocs-fs-prefix=/home/httpd/htdocs-ca > --with-cgi-fs-prefix=/home/httpd/cgi-ca > > during configure (crude locale yes, but not wrong) and when make install-ca > was performed, a 'ca' directory was created under each of htdocs and cgi fs > prefixes listed above. > > The DocRoot and ScriptAlias was originally set at what I used during > configure, as I expected the install to place the files where I specified, > not in a ca dir below it. Once I noted the ca dirs had been made, (and I > could not load the site) I adjusted my doc root and script alias accordingly > by adding /ca/ to each.
Your DocRoot must be /home/httpd/htdocs-ca and then simply use https://localhost/ca/. If you want a CA-only server then you must use the --with-ca-* options. > > 1. You must specify this account during configure or must add it by hand > > in openca_dir/etc/servers/ca.conf. > > > > I did not see mention of this in the install doc, I'll look again. INSTALL is completely outdated. You can use as a starting point ftp://ftp.openca.org/pub/openca/developers/bell/doc/. > > 2. Which option do you use for configure? DocRoot/cgi-ca/ca/ca looks > > really crude? Normally it is DocRoot/cgi-bin/ca/ca. All servers can be > > hosted on apache (I think you use a 0.9-snap). > > I specifiy the options used above, the did a make install-ca. I assumed that > the install-ca directive would install only all the CA portions, and do so > completely. (I noted that manpages were made but not installed, what'd I > miss?) install-ca is enough (manpages are install-doc). > I had another question (forgive me) about one of the configure options. > When i specified the --with-web-host= flag, I used the name of my ca server, > which is (for now) in a private unresolvable domain, later to be disconnected > from the wire. I noted that this flag value appears in the revocation url. > Must I make this value what will be my true public host (most likely yes) and > if I do so, does it have any conflicting effects on the operation of the CA > box? Webhost is your public server. If your LDAP-server is different from this host or your (public!) http-server is different from this host then you can specify it via an additional option. All links are relative and don't include a hostname. Best Regards Michael -- ------------------------------------------------------------------- Michael Bell Email (private): [EMAIL PROTECTED] Rechenzentrum - Datacenter Email: [EMAIL PROTECTED] Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482 Unter den Linden 6 Fax: +49 (0)30-2093 2959 10099 Berlin Germany http://www.openca.org ------------------------------------------------------- This sf.net email is sponsored by: Jabber - The world's fastest growing real-time communications platform! Don't just IM. Build it in! http://www.jabber.com/osdn/xim _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
