[Openca-Users] Cannot write CA certificate into LDAP

Tue, 22 Jul 2003 16:36:34 -0700 

Hi Michael, Hi  Alex, Hi list!

So, It looks like Alex and I have the same problem.

I've  post a question last week and Nicholas told  me that  may be the problem 
is caused because there is an e-mail adress  in the CA cert.  I've not made 
changes for this.

So I follow the Michael's recommendations. I've update the ldap-utils.lib with 
the file atached and I made a PKI-OpenCA.schema file with the atachment part 
corresponding for this and include this in slapd.conf.

So when i try to start up my slapd  but an error happened "Duplicate 
objecClass ", I've found that my core.schema includes objectClass definitions 
2.5.6.21 and 2.5.6.22

objectclass ( 2.5.6.21 NAME 'pkiUser'
        DESC 'RFC2587: a PKI user'
        SUP top AUXILIARY
        MAY userCertificate )

objectclass ( 2.5.6.22 NAME 'pkiCA'
        DESC 'RFC2587: PKI certificate authority'
        SUP top AUXILIARY
        MAY ( authorityRevocationList $ certificateRevocationList $
                cACertificate $ crossCertificatePair ) )

So I leave this without changes and jus comment the parallel lines in 
PKI-OpenCA.schema

I've tried again and the result  is the same :

Importing the RBAC-configuration ... Ok.

              LDAP-support is activated

              Automatic LDAP-update is activated

              Importing valid CA_CERTIFICATE ...

                    WARNING: Cannot update object but object is present in 
database

                    FILE: 
/hdc1/ra/OpenCA/var/tmp/tmp_5427/CA_CERTIFICATE/VALID/ab4660f3f24b77867d856f11f5d7e159.pem

              Importing CA-Certificates into ldap ... addLDAPattribute: DN=
              [EMAIL PROTECTED],cn=Autoridad Certificadora 
IMP,ou=Seguridad
              Informatica,o=IMP,c=MX
              attr: cACertificate;binary
              LDAP Searchfilter: (cACertificate;binary=*)
              LDAP Search Mesg-Code 32
              LDAP Search Mesg-Count 0
              Search for the attribute failed. 

                    Cannot write CA-Certificate 
ab4660f3f24b77867d856f11f5d7e159 to LDAP

              Make CA-Certificate available on the server ...OK.

              Re-Building CA Chain ... Ok.

              Clean up ...Ok. 

I don't know where is the problem?

Is it possible add the  certificates  manually?

Alexandre, if you have solved this problem  please tell me what did you do?

I'm still trying to surpass this little problem
 
ZAINOS


-------------------------------------------------
Obt�n tu correo en www.correo.unam.mx
UNAMonos Comunic�ndonos




-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to