Thanks you for your help Michael, once again! I'm going to try with the new file for : ldap-utils.lib. For the schemas, I believe that for pkiUser ans pkiCA, it already exists in the class core.schema in OpenLDAP. Must I add it in a new file .schema? ------------------- > Pascal VERRECCHIA wrote: > > Hi! > > Thank you for your answer! > > When I put DEBUG to 1 in ldap-utils.lib, I obtain this result : > > > > Test the archive ... > > /bin/tar -tvf /dev/fd0 > > Importing archive ... > > > > Load required variables ... > > Changing to directory /srv/ca/OpenCA/var/tmp/tmp_2963 ... > > Running the import command(s) ... > > /bin/tar -xvf /dev/fd0 -C /srv/ca/OpenCA/var/tmp/tmp_2963 > > Importing the RBAC-configuration ... Ok. > > > > LDAP-support is activated > > > > Automatic LDAP-update is activated > > > > Importing valid CA_CERTIFICATE ... > > 1eba2280277ea2848fe893579111638e.pem inserted > > Importing CA-Certificates into ldap ... ldap-utils.lib: LDAP_get_ca: > > try to determine the newest CA-cert > > ldap-utils.lib: LDAP_get_ca: check NOTBEFORE 20030610091047 > > ldap-utils.lib: LDAP_get_ca: newer ca-cert found > > ldap-utils.lib: LDAP_get_ca: notbefore: 20030610091047 > > ldap-utils.lib: LDAP_get_ca: ca: > > OpenCA::X509=HASH(0x8b944f0) > > ldap-utils.lib: LDAP_get_ca: return newest ca > > Information of the Object: > > dn > > [EMAIL PROTECTED],CN=ca,OU=LOR,O=INT,C=FR > > cn ca > > serID 0 > > email [EMAIL PROTECTED] > > ou ARRAY(0x8b980d0) > > o INT > > l > > st > > c FR > > End of the information of the Object. > > > > Cannot write CA-Certificate 1eba2280277ea2848fe893579111638e to LDAP > > Make CA-Certificate available on the server ...OK. > > > > > > I haven't an entry CA in my LDAP annuary... > > It could be the problem? > > No, we can handle completely empty directories. I attached a changed > ldap-utils.lib which has two more debugging statements because the > default output of 0.9.1 is not so good like the one from 0.9.2. I also > added a changed schema for OpenLDAP. > > The debugging output shows me that there are two possible problems: > > 1. you cannot connect to your LDAP server > 2. you cannot bind to your LDAP server > > Michael > -- > ------------------------------------------------------------------- > Michael Bell Email: [EMAIL PROTECTED] > ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 > (Computing Centre) Fax: +49 (0)30-2093 2704 > Humboldt-University of Berlin > Unter den Linden 6 > 10099 Berlin Email (private): [EMAIL PROTECTED] > Germany http://www.openca.org >
------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
