Hi, I suceeded in installing CA server and generating CA and RA certs.
Now I am working on RA server installation. I tried to integrate LDAP with openCA in RA server. I realized few things: To integrate/install LDAP on RA server with Apache, one must install mod_authz_ldap which can only be installed as a dynamic shared object (DSO), the version statically linked into the apache server is no longer supported. I checked my installation of apache by using the command httpd -l in the bin directory of apache and did not see any mod_so.c file so i believe my apche doesnot have support for DSO modules. As i read from http://authzldap.othello.ch/mod_authz_ldap.HOWTO ONE SHOULD NOT TRY TO DOWNLOAD A BINARY DISRIBUTION FROM APACHE!!! It won't work, because you have to modify the source code from mod_ssl. Since i installed a binary distribution I cannot go a head with LDAP unless I redo everything by downloaded the source version of apache. Q1> I decided not to install LDAP for now on my RA. So my question is what all am i going to loose without RA?. Q2> I know that I cannot store the certs and serch for certs on LDAP. But can I still make use of RA server without much loss. Bascially I just want to know if anyone out there are working with RA server without LDAP (not in production environment ofcourse!). Only reason for not installing LDAP is I have to install the module and then LDAP and then Apache from source.....and now I already have Apache binary installed with openssl and OpenCA configured and now i realzed that I need to make these changes.. Or do I no option than to install LDAP?? Q3> I saw the following lines in online.conf and some other confs. mailcommand "/usr/lib/sendmail -n -t " I am working on solaris. But when I checked it from command line I didnot find sendmail in usr/lib/ directory. So where do i get sendmail from. Can I download it from any site? Q4> Also in the online.conf I saw this lines ImportDev "/dev/fd0" ExportDev "/dev/fd0" Now I want to change these paths to a directory rather than floppy drives as I donot have direct access to the server I am using. And i generally telnet to the server and work. So on the CA server I used Exported ALL command and stored all as tar file. Can I place the tar file on the RA server and give the path to that directory in the above config file? Can I then use the Import All command on the RA server (donot know if such command exists) Q5> And Will this make the online server move all the certs to where ever they are supposed to be on the RA server? Thanks, Pavan Sura. _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
