Hi all,
My implementation:
OpenCA 0.9.1
REDHAT 7.3
Database: Mysql
RA and CA in differents machines.
First: I would like thanks to everybody in this list for the interesting
Answers, questions and comments.
Second: I looked *.conf and I belive the followings enhancements are
more correct.
I tested OpenCA 0.9.1 with this enhancements and works nicely.
---------------------------------------
ra.conf.in
---------------------------------------
## General Section
## ===============
actually is not necessary: PublicDir "@pub_htdocs_fs_prefix@"
## ================== [ Basic CSR Section ] =====================
## Basic CSR Forms
actual: Basic_CSRSuccessPage "@lib_prefix@/servers/
@pub_prefix@/sheets/request_success.html"
best: Basic_CSRSuccessPage "@lib_prefix@/servers/
@ra_prefix@/sheets/request_success.html"
## ================== [ DN_TYPE ::= SPKAC ] =====================
actual: DN_TYPE_SPKAC_KEYGEN_SHEET "@lib_prefix@/servers/
@pub_prefix@/sheets/spkac_confirm_request.html"
best: DN_TYPE_SPKAC_KEYGEN_SHEET "@lib_prefix@/servers/
@ra_prefix@/sheets/spkac_confirm_request.html"
## ================== [ DN_TYPE ::= IE ] =====================
actual: DN_TYPE_IE_KEYGEN_SHEET "@lib_prefix@/servers/
@pub_prefix@/sheets/ie_confirm.html"
best: DN_TYPE_IE_KEYGEN_SHEET "@lib_prefix@/servers/
@ra_prefix@/sheets/ie_confirm.html"
is not necessary: RA "Trustcenter itself" "Help Desk 1" "Help Desk 2"
because exist: RegistrationAuthority "Trustcenter itself"
"Help Desk 1"
"Help Desk 2"
change only cmds/raList
actual: my @raList = @{ ($config->getParam('RA'))->{VALUES} };
best: my @raList = @{ ($config->getParam
('RegistrationAuthority'))->{VALUES} };
-----------------------------------
pub.conf.in
-----------------------------------
is not necessary: CAChainDir "@var_prefix@/crypto/chain"
because exist: ChainDir "@var_prefix@/crypto/chain"
change only: cmds/verifySignature
actual: my $cachaindir = getRequired ('CAChainDir');
best: my $chaindir = getRequired ('ChainDir');
actual: my $sign = new OpenCA::PKCS7( SHELL => $cryptoShell,
INFILE => "$tmpDir/$$.sig",
DATAFILE => "$tmpDir/$$.txt",
CA_DIR => "$cachaindir" );
best: my $sign = new OpenCA::PKCS7( SHELL => $cryptoShell,
INFILE => "$tmpDir/$$.sig",
DATAFILE => "$tmpDir/$$.txt",
CA_DIR => "$chaindir" );
------------------------------------------------
I have not revised the others, yet!. (ca.conf, ca_node.conf,
ra_node.conf, ldap.conf)! This weekend, perhaps!
Best regards,
Ramon Llorens
-------------------------------------------------------
This SF.net email is sponsored by:
The Definitive IT and Networking Event. Be There!
NetWorld+Interop Las Vegas 2003 -- Register today!
http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
