Hello Gottfried > Hi Harald, > > > I have reinstalled both Server1 and Server2 multiple times. > > do you have reinstalled from scratch (moved you old openca directory > away)? I had myself a lot of strange problems and they are gone now... > OpenCA holds status information in files in openca/var - I had no luck > in resolving the detailed usages.
I have re-installed them from scratch. Regards, Harald > > Regards, > Gottfried > > > Harald Paterek wrote: >> Hello all, >> >> I have the following setup >> >> Server1: Pub and RA >> >> Server2: CA >> >> where server2 is standalone, data transfer between the two happens using >> an usb stick. Both are running Debian/Stable >> ---------------------------------------------------------- >> Configuration Server1: >> OpenCA >> (RA Server Version 0.9.1) >> Module Version >> OpenSSL 0.9.83.2.1 >> Tools 0.4.3 >> DB 2.0.5 >> Configuration 1.5.3 >> TRIStateCGI 1.5.5 >> REQ 0.9.47.2.2 >> X509 0.9.38.2.1 >> CRL 0.9.15 >> PKCS7 0.9.12 >> >> � 1998-2002 by Massimiliano Pala and the OpenCA Group. >> RA Server - Version 0.9.1 >> ----------------------------------------------------------- >> Configuration Server2: >> OpenCA >> >> (CA Manager Version 0.9.1) >> Module Version >> OpenSSL 0.9.83.2.1 >> Tools 0.4.3 >> DB 2.0.5 >> Configuration 1.5.3 >> TRIStateCGI 1.5.5 >> REQ 0.9.47.2.1 >> X509 0.9.38 >> CRL 0.9.15 >> PKCS7 0.9.12 >> >> � 1998-2002 by Massimiliano Pala and the OpenCA Group. >> CA Manager - Version 0.9.1 >> ---------------------------------------------------------------- >> >> When requesting and approving certificate using server2 and issueing the >> certificate using server 1 I get the following error: >> >> Error 6751 >> General Error. Error while issuing Certificate to >> nwtest2.huisartsenpost.net (filename: >> /usr/local/OpenCA/OpenCA/var/tmp/68.req). >> >> OpenCA::OpenSSL returns errocode 7731071 >> (OpenCA::OpenSSL->issueCert: OpenSSL fails (256).).. >> >> � 1998-2002 by Massimiliano Pala and the OpenCA Group. >> CA Manager - Version 0.9.1 >> >> --------------------------------------------------------------------- >> >> Looking at the apache error log: >> >> Using configuration from >> /usr/local/OpenCA/OpenCA/etc/openssl/openssl/Web_Server.conf >> entry 38: invalid expiry date >> unable to write 'random state' >> >> -------------------------------------------------------------------- >> >> I found the following post from madwolf suggesting to rebuild the >> index.txt and serial file: >> >> http://www.mail-archive.com/[EMAIL PROTECTED]/msg03475.html >> >> However, this did not resolve the problem. >> >> Checking the presence of cacert.pem: >> >> lrwxrwxrwx 1 root www-data 10 Nov 11 15:25 cacert.cer -> >> cacert.der >> lrwxrwxrwx 1 root www-data 10 Nov 11 15:25 cacert.crt -> >> cacert.pem >> -rwxr-xr-x 1 root www-data 1526 Nov 11 15:25 cacert.der >> -rwxr-xr-x 1 root www-data 2122 Nov 11 15:25 cacert.pem >> -rwxr-xr-x 1 root www-data 4088 Nov 11 15:25 cacert.txt >> caroot:/usr/local/OpenCA/OpenCA/var/crypto/cacerts# >> >> I have reinstalled both Server1 and Server2 multiple times. >> >> Any suggestions? >> >> Kind regards, >> >> Harald Paterek >> > > > > ------------------------------------------------------- > This SF.Net email sponsored by: ApacheCon 2003, > 16-19 November in Las Vegas. Learn firsthand the latest > developments in Apache, PHP, Perl, XML, Java, MySQL, > WebDAV, and more! http://www.apachecon.com/ > _______________________________________________ > Openca-Users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/openca-users > > ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
