I was able to import the CA certificate in LDAP if I skipped the email address part. By viewing the CA certificate, I used the option "Import to LDAP with modified DN". I then removed the email info from the DN and the certificate was imported successfully. So I created another CA certificate to test this, and I skipped the email address. Then when I transferred the data from CA to RA, for the first time after I initialized the RA database, the CA certificate was successfully imported and made available through the LDAP server.
Now, do you guys use the email address in the CA certificates?
Nicholas
PS. If you think there could still be a problem on my part I will send you a couple of certificates that "don't work" (those with the email in them).
Michael,
I just tested the patch with OpenCA 0.9.1.2 and it still doesn't behave itself. The error when I try to import the CA certificate changed though with 0.9.1.2. Instead of error 32 it now gives error 64 and says that "naming attribute email is not present in entry" !!!
If I try to import certificates, it gives the same error as before... (error 21: LDAP-add failed: mail: value #0 invalid per syntax)
I think the easiest way is to send two example certificates to the list. Then I can take a serious look onto your problem.
Greetings Michael
P.S. I'm out of office from July 4th-6th. I'm back on monday.
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
