I am currently using :
openca-0.9.1-1 dated 28-Feb-2003
openssl-0.9.7-stable-SNAP-20030324
openldap-stable-20030317
I need some help publishing certs to LDAP. I am able to generate CA certs, user certs
and Sub CA certs. However, publishing to LDAP is giving problems. With the previous
versions - Jun 2004 version, I had no problem with LDAP (except SubCA certificate
publishing). Below is a debug report of a failed CA-Cert publishing. (Note I have set
"ldapversion" to 3 in ldap.conf). It inserts, organization and organizationUnit
entries to LDAP. But then when it comes to the common name entry, it fails.
-----------------------------------------------------------------------------------------------------------
Checking for a special DN where to store CA-certificates ...
There is no special DN specified.
Adding valid CA-certificates to the LDAP server ...Information of the Object:
dn [EMAIL PROTECTED],CN=Comt OCA 91 Root,OU=Comt
OCA91,O=EtiOrg,C=AE
cn Comt OCA 91 Root
serID 0
email [EMAIL PROTECTED]
ou ARRAY(0x8a726dc)
o EtiOrg
l
st
c AE
End of the information of the Object.
element of baseDN: o=EtiOrg
element of baseDN: c=AE
element of the inserted DN: [EMAIL PROTECTED]
element of the inserted DN: CN=Comt OCA 91 Root
element of the inserted DN: OU=Comt OCA91
element of the inserted DN: O=EtiOrg
element of the inserted DN: C=AE
Checking RootDN of Certificate ...
Inserted DN BaseDN
h_basedn: AE
h_dn: AE
h_basedn_attribute: c
h_dn_attribute: C
h_basedn: EtiOrg
h_dn: EtiOrg
h_basedn_attribute: o
h_dn_attribute: O
Checking the length of the DN of the Certificate ...
Building the missing nodes of the LDAP-tree ...
Try to add o=EtiOrg, c=AE ...
LDAP Schema DN: o=EtiOrg, c=AE
node exists
Try to add OU=Comt OCA91,o=EtiOrg, c=AE ...
LDAP Schema DN: OU=Comt OCA91,o=EtiOrg, c=AE
node exists
Try to add CN=Comt OCA 91 Root,OU=Comt OCA91,o=EtiOrg, c=AE ...
LDAP Schema DN: CN=Comt OCA 91 Root,OU=Comt OCA91,o=EtiOrg, c=AE
node doesn't exist
Attributes for the insertion:
objectclass = ARRAY(0x8ade7b8)
o = EtiOrg
authorityRevocationList;binary =
certificateRevocationList;binary =
cACertificate;binary =
Must setup a CA-cert
The resultcode of the nodeinsertion was 16.
addLDAPattribute: DN= [EMAIL PROTECTED],cn=Comt OCA 91
Root,ou=Comt OCA91,o=EtiOrg,c=AE
attr: cACertificate;binary
LDAP Searchfilter: (cACertificate;binary=*)
LDAP Search Mesg-Code 32
LDAP Search Mesg-Count 0
Search for the attribute failed.
Certificate 0 FAILED (error 32: No such object)
--------------------------------------------------------------------------------------------------------
Would appreciate if anybody can let me know what configuration I am missing.
Pramila
-------------------------------------------------------
This SF.net email is sponsored by: ValueWeb:
Dedicated Hosting for just $79/mo with 500 GB of bandwidth!
No other company gives more support or power for your dedicated server
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
