Hello all,
I set up OpenCA on two differente machines, one is the CA, the other is the
RA, LDAP and PUB.
When I first imported the CA certificate on the RA machine, I got the error:
------------------------
Importing CA-Certificates into ldap ...
Cannot write CA-Certificate 70e4e4752fd85f5bd580f5d34f639943 to LDAP
------------------------
I made some search on google and I tried to issue CA certificate without
email (do not fill email part) and turn schemachecking off (use "schemacheck
off" in slapd.conf). This made the trick, even though I got some warning for
LDAP:
------------------------
Importing valid CA_CERTIFICATE ...
WARNING: Cannot update object but object is present in database
FILE: /srv/ra/openca/var/tmp/tmp_
9113/CA_CERTIFICATE/VALID/0ad9d316f45093cb5fb771858897e269.pem
Importing CA-Certificates into ldap ...
CA-Certificate 0ad9d316f45093cb5fb771858897e269 is available via
LDAP
------------------------
Why this ?
Then, I requested a user certificate on the PUB, then approved on the RA,
exported the Approved CSR to the CA, issued the cert, exported the cert to
the RA/PUB/LDAP machine.
When importing, I always get the error:
--------------------------
Importing Certificates into ldap ...
Cannot write CERTIFICATE 7 to LDAP
--------------------------
In the LDAP directory, there are entries for the CN of the valid issued
certs, but there are no certificates for them available in the LDAP
directory. Only the CA cert is present.
Why this?
Thanks for any hints and help!
Giovanni
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive? Does it
help you create better code? SHARE THE LOVE, and help us help
YOU! Click Here: http://sourceforge.net/donate/
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
