Greetings, I'm Still using 0.9.1 RC4 with OpenCA::DB
Question 1) Due to an issue on my end, I now have my CSR Req. numbers out of whack in the DB's (Long Story). Currently the last valid CSR Req. was # 4896. The numbers increment properly until I issue the highest CSR req. #, then a duplicate CSR Req. # is given for the next CSR Req. For example, I approved and issued serial number 21 cert for this req. (4896). Once I approved the CSR, the next CSR also has 4896 when it should be 5152. Any ideas on how to fix this? I really don't want to start my DB over again. <Beg & grovel> maybe those who understand perl and this DB would be willing to provide a quick script to update the db accordingly? </Beg & grovel> Question 2) I cannot get the CA system to properly backup and restore the DB. (Tar files are my friend) The RA Appears to work properly, but I'm a bit befuddled to know if it's because it actually is, or if I'm get getting the data from an import. (sometimes running in circles with not enough time to spend un-interrupted) Any insights? Question 3) What's the easiest method of upgrading to a later release? Can I simply replace the cmds, functions and libs (relying on my current config files) or must I re-compile/make/make install? I don't want to overwrite the web pages unless it's necessary. Question 4) Do later/latest releases allow for a download of server certs in .pem format rather than just .cer? The current mechanism sends an email with a link that attempts to load the cert into the browser. Wondering if now there's a distinction between Server and Browser/Email certs in the download process. Question 5) [other questions about OpenCA & LDAP structure I'll just have to work through for now... ] Thanks for any responses to these questions. If I had a week or so to solely concentrate on this alone I'd realize how basic these questions are and scoff at myself. I do appreciate your help. Ron
smime.p7s
Description: application/pkcs7-signature
