Thanks Michael,
I got this problem (Generating a CA secret Key) solved by changing the
permission as you said. but now I am not able to do the next step i.e.
generate a new CA certificate request. After entering my CA secret key
password in the java script box, it gives a blank page and halts. I am
attaching the apache log for reference. Can u pl. help?
Thanks once again,
SASI
----- Original Message -----
From: "Michael Bell" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, September 12, 2002 12:32 PM
Subject: Re: [Openca-Users] Configuration error code with GUI
> Sasidharan schrieb:
> >
> > Hi Michael,
> >
> > The apache error given below:
> >
> > /usr/local/OpenCA/private/cakey.pem: Permission denied
> > 10545:error:0200100D:system library:fopen:Permission
> > denied:bss_file.c:245:fopen
> > ('/usr/local/OpenCA/private/cakey.pem','w')
> > 10545:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:247:
> > Error Trapped: Error loading generated Key! at lib/misc-utils.lib line
53.
> > Compilation failed in require at /home/httpd/cgi-ca/ca line 169.
>
> This looks like a mistake during the installation. You should set the
> user and the group of your webserver (e.g. --with-httpd-user=wwwrun and
> --with-httpd-group=nogroup for SuSE) during ./configure.
>
> The error happens if the webserver cannot access the directory
> /usr/local/OpenCA/private and this only happens if you don't set the
> correct user and group. Please check the user of your webserver and then
> set the options correctly.
>
> Best regards,
>
> Michael
> --
> -------------------------------------------------------------------
> Michael Bell Email (private): [EMAIL PROTECTED]
> Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
> Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
> Unter den Linden 6 Fax: +49 (0)30-2093 2959
> 10099 Berlin
> Germany http://www.openca.org
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Openca-Users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/openca-users
unknown option -subj
req [options] <infile >outfile
where options are
-inform arg input format - DER or PEM
-outform arg output format - DER or PEM
-in arginput file
-out argoutput file
-texttext form of request
-nooutdo not output REQ
-verifyverify signature on REQ
-modulusRSA modulus
-nodesdon't encrypt the output key
-engine e use engine e, possibly a hardware device.
-key file use the private key contained in file
-keyform arg key file format
-keyout arg file to send the key to
-rand file:file:...
load the file (or the files in the directory) into
the random number generator
-newkey rsa:bits generate a new RSA key of 'bits' in size
-newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'
-[digest] Digest to sign with (md5, sha1, md2, mdc2)
-config file request template file.
-new new request.
-x509 output a x509 structure instead of a cert. req.
-days number of days a x509 generated by -x509 is valid for.
-newhdr output "NEW" in the header lines
-asn1-kludge Output the 'request' in a format that is wrong but some CA's
have been reported as requiring
-extensions .. specify certificate extension section (override value in config
file)
-reqexts .. specify request extension section (override value in config file
)
Can't call method "getTXT" on an undefined value at cmds/genCAReq line 71, <FD>
line 32.
Compilation failed in require at /home/httpd/cgi-ca/ca line 169, <FD> line 32.
