Don't forget to change (on root-ra) the Role in CSR to Sub-CA!
> 7.5 Run make in the chain directory. > > 8. Rebuild the Sub CA chain.
Step 7.5 is done by step 8 (I think - I didn't run make). I have also placed the root-ca cert into chain directory on ra... I don't know if it's really nessecary but it makes no problems ;-)
OK, I have done all of this, but when I test a client certificate using the "Test Certificate" link in the Public server I get the same old error:
"The signature is not valid. PKCS#7-Error 7932021: OpenCA::PKCS7->parseDepth: The chain is not complete. (6102).
If you generate the chain as root then will get trouble with the rights. I have this errormessage when I made the chain as root on the commandline.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
