I had a similar error,/ (/*/Configuration Error/*/. Cannot initialize cryptographic layer (configurationfile /usr/local/pki/UnicibleICA4/etc/token.xml)!Cannot create new OpenCA Token object. .//) / I solved it by editing the token.xml file and replacing the reference to openssl by the entire path to openssl.
<option>
<name>SHELL</name>
<value>/usr/local/ssl/openssl</value>
/usr/local/ssl/bin/openssl
(was <value>openssl</value>)
</option>
I don't know why it works this way and not with a simple call to openssl. (what is strange is that I do not have to give the entire path in the dfferent .conf files in etc/servers; there it works by simply calling openssl)
The option OPENSSL in etc/servers/*.conf should no longer be used because the complete cryptoconfiguration is handled via token.xml. So it is no problem to have a wrong value in the conf-files ;-)
The wrong value for the OpenSSL binary is a problem because it crashs the complete CA. I will add this item to the FAQ. Do you use --with-openssl-prefix?
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
