Hi Harald, first thanks a lot for this really good readme :)
Harald wallus schrieb: > > With netscape-4.79 I got the problems which is describe in THE OPENCA GUIDE > 1.2.1.1 but I got it not solve. I'm shure that I have done something wrong. Perhaps I should rewrite the section. > To compile ocspd I need to install openssl-devel-0.9.8-1. This is really interesting because I'm still using 0.9.7 only. I never installed a 0.9.8. > make ca > > ERROR: > gcc -g -O2 -o openca-sv sv.o tools.o callback.o verify-crypto.o sign-crypto.o > verify-tools.o sign-tools.o sign2nd.o -lcrypto -lfl -ldl > /usr/i486-suse-linux/bin/ld: cannot find -lfl > collect2: ld returned 1 exit status > > Edit the file > /home/wallus/openca-0.9.1/src/openca-sv/src/Makefile > at line 85 and change > SV_INCLUDE_LIBS = -lfl -ldl to SV_INCLUDE_LIBS = -ldl Is flex installed on your system? If it is not installed then we don't need it perhaps. If openca-sv doesn't depend on flex then we have to remove the library form our makefiles permanently. > CREATE the initial administor > ------------------------------------- > Now to click on Initialization / Create the initial administrator / Issue the > certificate > results in an ERROR 690. Clearly the cert is issued in the step before. This is correct (the link is only to guide the user). > But also Handle the certificate results in a ERROR 690. This is normally a problem with serials of the certificates. Which serial has the certificate? The links are hardcoded. > So I go to: > > Certificates / Valid Certificates > (Click on the serial number, choose Certificate and Keypair to > PKCS#12, Download, type in your 10leterslongPin, > download in to ca.pk12) > And got an ERROR: Cannot convert a PKCS#8 Certificate to a pem or PKCS#12 > cert. > OK, we do it once again and choose PKCS#8, no download utton appears. > So I choose > This page I store down into raoperator.txt (.pem is not possible with IE). > This belongs to THE OPENCA GUIDE 2.2.2 Step 4 Is there a cut and paste mistake in your mail? The passphrase which you must use is the PIN which you entered during the creation of the request. Therefore the passphrasedialog asks for the user's password and not for the CA's one. This mistake is very common. If somebody has a recommendation what we could do to avoid this mistake then please write us. > ... > Like for the ra operator certificate, we can't issue and handle it. ERROR > 690. It looks like you have a problem with the initial serial in OPENCADIR/var/crypto/serial ... or you logged out and in or you have a writeprotection on your floppy ... :) One small hint, if you don't want to see the errormessage from a failed LDAP-update then you can deactivate the LDAP during configuration or in online.conf. Thanks, Michael -- ------------------------------------------------------------------- Michael Bell Email (private): [EMAIL PROTECTED] Rechenzentrum - Datacenter Email: [EMAIL PROTECTED] Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482 Unter den Linden 6 Fax: +49 (0)30-2093 2959 10099 Berlin Germany http://www.openca.org ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
