On Wed, Jul 31, 2002 at 02:14:54PM +0200, Michael Bell wrote:
> Cedric Tabary schrieb:
> >
> > Now I get :
> >
> > Signature OK
> > General Error Trapped 6206: Cannot build PKCS#7-object from extracted
> > signature!
> > OpenCA::PKCS7 returns errorcode 7911031 (OpenCA::PKCS7->new: Cannot
> > initialize signature (7912021)
> > OpenCA::PKCS7->initSignature: Cannot parse signature (7921021)
> > OpenCA::PKCS7->getParsed: The crypto-backend cannot verify the signature
> > (7742073)
> > OpenCA::OpenSSL->verify: openca-verify failed (35584):
> > .). at /usr/local/OpenCA/lib/functions/misc-utils.lib line 38.
> > Compilation failed in require at /usr/local/apache/cgi-bin/ra/RAServer
> > line 213.
>
> This is the same errorcode like the one from Andrew Zhoglo.
> Massimiliano, do you know the code? This looks like a general mistake
> but I don't know what's going wrong.
I found another problem :
When I "approve the request without signing" then in the CA I can't
"issue certificate" :
Using configuration from /usr/local/OpenCA/etc/openssl/openssl/User.conf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'FR'
organizationName :PRINTABLE:'iniflux'
organizationalUnitName:PRINTABLE:'Internet'
commonName :PRINTABLE:'testuser1234'
serialNumber :PRINTABLE:'08'
ERROR: adding extensions in section default
28343:error:2206D06C:X509 V3 routines:X509V3_parse_list:invalid null
name:v3_utl.c:319:
28343:error:2206B069:X509 V3 routines:X509V3_EXT_conf:invalid extension
string:v3_conf.c:138:name=subjectAltName,section=
28343:error:2206B080:X509 V3 routines:X509V3_EXT_conf:error in
extension:v3_conf.c:92:name=subjectAltName, value=
unable to write 'random state'
General Error Trapped 6755: Error while opening
/usr/local/OpenCA/var/crypto/certs/08.pem.
OpenCA::X509 returns errorcode 7411021 (OpenCA::X509->new: Cannot
initialize certificate (7412011)
OpenCA::X509->initCert: No certificate present.). at
/usr/local/OpenCA/lib/functions/misc-utils.lib line 38.
Compilation failed in require at /usr/local/apache/cgi-bin/ca/ca line
194.
and sometimes the same log with this error instead of the "Error 6755" above :
General Error Trapped 6757: Error while storing the request's serial in
cert-object at /usr/local/OpenCA/lib/functions/misc-utils.lib li
ne 38.
Compilation failed in require at /usr/local/apache/cgi-bin/ca/ca line
194.
Note:
I still have the RA and CA on the same server.
I use the CVS from Tue, 30 July after you updated crypo-utils.lib
When I "Edit Request" before "Approve request without signing" the CA
can issue the certificate without error !!
--
C�dric Tabary - EFREI - Promo 2003 +] Un OS pour les gouverner tous,
[EMAIL PROTECTED] [+ Un OS pour les trouver,
http://perso.efrei.fr/~tabary/ +] Un OS pour les amener tous
Equipe Syst�me Unix, Efrei Linux, Club-Rezo [+ Et dans les t�n�bres les lier..
-------------------------------------------------------
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code1
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
