> I have reinstalled both Server1 and Server2 multiple times.
do you have reinstalled from scratch (moved you old openca directory away)? I had myself a lot of strange problems and they are gone now... OpenCA holds status information in files in openca/var - I had no luck in resolving the detailed usages.
Regards, Gottfried
Harald Paterek wrote:
Hello all,
I have the following setup
Server1: Pub and RA
Server2: CA
where server2 is standalone, data transfer between the two happens using an usb stick. Both are running Debian/Stable ---------------------------------------------------------- Configuration Server1: OpenCA (RA Server Version 0.9.1) Module Version OpenSSL 0.9.83.2.1 Tools 0.4.3 DB 2.0.5 Configuration 1.5.3 TRIStateCGI 1.5.5 REQ 0.9.47.2.2 X509 0.9.38.2.1 CRL 0.9.15 PKCS7 0.9.12
� 1998-2002 by Massimiliano Pala and the OpenCA Group. RA Server - Version 0.9.1 ----------------------------------------------------------- Configuration Server2: OpenCA
(CA Manager Version 0.9.1) Module Version OpenSSL 0.9.83.2.1 Tools 0.4.3 DB 2.0.5 Configuration 1.5.3 TRIStateCGI 1.5.5 REQ 0.9.47.2.1 X509 0.9.38 CRL 0.9.15 PKCS7 0.9.12
� 1998-2002 by Massimiliano Pala and the OpenCA Group. CA Manager - Version 0.9.1 ----------------------------------------------------------------
When requesting and approving certificate using server2 and issueing the certificate using server 1 I get the following error:
Error 6751 General Error. Error while issuing Certificate to nwtest2.huisartsenpost.net (filename: /usr/local/OpenCA/OpenCA/var/tmp/68.req).
OpenCA::OpenSSL returns errocode 7731071 (OpenCA::OpenSSL->issueCert: OpenSSL fails (256).)..
� 1998-2002 by Massimiliano Pala and the OpenCA Group. CA Manager - Version 0.9.1
---------------------------------------------------------------------
Looking at the apache error log:
Using configuration from /usr/local/OpenCA/OpenCA/etc/openssl/openssl/Web_Server.conf entry 38: invalid expiry date unable to write 'random state'
--------------------------------------------------------------------
I found the following post from madwolf suggesting to rebuild the index.txt and serial file:
http://www.mail-archive.com/[EMAIL PROTECTED]/msg03475.html
However, this did not resolve the problem.
Checking the presence of cacert.pem:
lrwxrwxrwx 1 root www-data 10 Nov 11 15:25 cacert.cer -> cacert.der lrwxrwxrwx 1 root www-data 10 Nov 11 15:25 cacert.crt -> cacert.pem -rwxr-xr-x 1 root www-data 1526 Nov 11 15:25 cacert.der -rwxr-xr-x 1 root www-data 2122 Nov 11 15:25 cacert.pem -rwxr-xr-x 1 root www-data 4088 Nov 11 15:25 cacert.txt caroot:/usr/local/OpenCA/OpenCA/var/crypto/cacerts#
I have reinstalled both Server1 and Server2 multiple times.
Any suggestions?
Kind regards,
Harald Paterek
------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
