Thank you very much for the help. I now setup a server to act as RA and also have the RA operator on the same computer. I was able to use the operator to generate certificate request. But it looks like my RA is not able to approve the request. when I clicked on the approve button, it said that I need to sign the request. However I couldn't find anywhere that will allow me to sign it. I think maybe the problem is that the RA server certificate is not signed by our CA yet. It is still using the test certificate generated when I ran "make certificate" during installation of mod_ssl and apache. do I have to mauanlly run "openssl" to generate new key and request for the RA server and copy it to the CA server to get it signed, before the RA server is able to approve certificate requests? BTW I was able to export the CA certificate from the CA server and import it to the RA server using floppy. Your help is very much appreciated.
Charles On Wed, 31 Jul 2002, Masrsimiliano Pala wrote: > Charles wrote: > > hi there: > > Hi, > > > If I want to have RA and RA operator on the same computer, how can I > > configure the apache server to do it. on the RA server, I configured the > > I think it is a typo as the components are the CA and the RA server... > > > the ordinary web server on port 80 and the RA on port 443. so it is not > > possible to put the RA operator also on port 443, right? then where should > > I put it? right now I installed RA operator on another computer on port > > Well, this is an Apache-related problem and there are many possible solution > to your problem (I am guessing you are talking about CA and RA Server as the > RA operator is a person acting using the RA server... ). First you can > install all OpenCA into a single server on port 80 and limit access using > the apache capabilities ( <Location />...</Location> ). Second you can > setup different servers using the NameVirtualHost directive so to setup > the basic public part of openca at the normal 80 port and all you want to > be encrypted using SSL on the 443 port ( the <Location />...</Location> > can now be used to limit the access using the client authentication as well). > > > 443. However I have problen to generate certificate request. I got error > > 340 which said > > > > general submission error: erorr while storing REQ > > > > software error > > > > error while storing REQ(/usr/local/Raserver/db) at > > /home/httpd/cgi-public/spkac_req line 574 > > > > > > What does this error mean? I guess the dababse was not initialized. > > However on the RA operator computer how can I initialize the database? > > The RA operator is just a person who has in charge some operations to be > accomplished with his/her browser ( approve requests, delete requests, etc... ) > using the RA server. > > Let us know if you have more questions about OpenCA. > > -- > > C'you, > > Massimiliano Pala > > --o------------------------------------------------------------------------- > Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED] > [EMAIL PROTECTED] > http://www.openca.org Tel.: +39 (0)59 270 094 > http://openca.sourceforge.net Mobile: +39 (0)347 7222 365 > ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
