After a few hours I'm know getting the following error:
engine "LunaCA3" set.
unable to load Private Key
1734:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field missing:tasn_dec.c:391:Field=iqmp, Type=RSA
1734:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:96:
1734:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_pkey.c:117:
Any idea?
Ricardo Costa
Ricardo Costa wrote:
Getting another erro now:
Error loading Cryptoki library file [/usr/luna/lib/libcrystoki2.so]
can't use that engine
2421:error:2507006C:DSO support routines:DSO_load:functionality not supported:dso_lib.c:239:
2421:error:2606D067:engine routines:func(109):conflicting engine id:hw_lunaca3.c:561:
2421:error:260B806D:engine routines:ENGINE_TABLE_REGISTER:init failed:eng_table.c:181:
Error loading Cryptoki library file [/usr/luna/lib/libcrystoki2.so]
2421:error:0306E06C:bignum routines:BN_mod_inverse:no inverse:bn_gcd.c:482:
2421:error:0D080006:asn1 encoding routines:ASN1_sign:EVP lib:a_sign.c:275:
Any idea?
Thanks,
Ricardo Costa
Adam Tresch wrote:
As far as i remember, (currently not using the OpenCA stuff)
it is probably not necessary to put the enginearg line in the ca.conf and ca_node.conf files.
Please try it without the enginearg parameter in the above files.
Adam
Ricardo Costa wrote:
Adam,
I tried wath you sugested, but now i get the erro:
unknown option -enginearg
Do you know why?
Thanks,
Ricardo Costa
Adam Tresch wrote:
Ricardo,
you need to attach the following lines into the Chrystoki.conf file
EngineLunaCA3= { EngineInit = 1:10:11; LibPath = /usr/luna/lib/libcrystoki2.so; Handle=10; }
And in this case add the following line to the ca.conf file
opensslEngine "LunaCA3" opensslEngineArg "-enginearg 1:10:11"
you will find an example in the config file, but with the above parameters it works fine...
Adam
Ricardo Costa wrote:
Hi,
I'm trying tu put LunaCA3 working with OpenCA-0.9.1-5. I'm using: kernel-2.4.9-13 ca3util-0.1.4-7.i386.rpm lunasys-8.1-1.i386.rpm openssl-lunaca3-0.9.6-5.i386.rpm openssl-0.9.7b with the openssl-lunaca3-patch-0.9.7.tar
I'm able to Login and Logou to and from the LunaCA3, Generate new CA
secret key, but when I try Generate new CA Certificate Request i get the
error:
Missing configuration for Cryptoki library
can't use that engine
1498:error:2606D067:engine routines:func(109):conflicting engine
id:hw_lunaca3.c:553:
1498:error:260B806D:engine routines:ENGINE_TABLE_REGISTER:init
failed:eng_table.c:181:
Missing configuration for Cryptoki library
1498:error:0306E06C:bignum routines:BN_mod_inverse:no inverse:bn_gcd.c:482:
1498:error:0D080006:asn1 encoding routines:ASN1_sign:EVP lib:a_sign.c:275:
My /etc/Chrystoki.conf look's like:
Chrystoki2 = { LibUNIX=/usr/luna/lib/libcrystoki2.so; } CardReader = { RemoteCommand=1; } Luna = { DefaultTimeOut=500000; PEDTimeout1=100000; PEDTimeout2=100000; }
Misc = { LogFile = /var/log/lunaca3.log; }
Can anyone help me?
Thanks,
Ricardo Costa
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
smime.p7s
Description: S/MIME Cryptographic Signature
