1) Certificate x FAILED (error 64: LDAP-add failed: naming attribute 'serialNumber' is not present in entry)
where x=certificate no.
I have added pkiCA.schema and the LDAP server runs fine. I am not sure if this error regards the certificates themselves, or the server. It seems to me that the certificates are fine, though, since they contain a serialNumber attribute in the DN.
Example of one of my certs: ------------------------------------- Distinguished Name: serialNumber=4 CN=Peter Jones O= MY CA C=US
This is a typical problem which is fixed in CVS. You have to checkout openca-0.9 with the release tags openca_0_9_1 (this is the 0.9.1 branch) or openca_0_9_1_2 (this is the 0.9.1.2 release - tagged some hours ago). You need the changed pkiCA.schema and the changed ldap-utils.lib.
2) When I try to import the CA-Certificate to the LDAP server, the error message says:
"Checking for a special DN where to store CA-certificates ... There is no special DN specified.
Adding valid CA-certificates to the LDAP server ...
Certificate 0 FAILED (error 32: No such object)"
This is a new problem but before you activate the debugging I would recommend you to try the ldap files from 0.9.1.2.
3) I have been reading previous messages to try and solve this and I came across the mentioning of a fix for ldap-utils.lib. I tried to find such a fix on the CVS but could not locate it.
cvs -d:pserver:[EMAIL PROTECTED]:/cvsroot/openca login
cvs -z3 -d:pserver:[EMAIL PROTECTED]:/cvsroot/openca checkout -P -r openca_0_9_1_2 openca-0.9
This makes a checkout of openca_0_9_1_2. If you want to checkout the 0.9.1 branch then use the the tag openca_0_9_1.
Do you think that fix would help me with my problem?
Yes.
If so, how do I find it and apply it?
Simply copy the files pkiCA.schema and ldap-utils.lib into the 0.9.1.1 sources.
Best regards
Michael
P.S. I hope this helps more than with your apache problem. -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
