Hi all,
I have problems revoking some of my certificates. I am running openca 0.9.1. I had to rebuild my ca and I reloaded my previously issued certificates. The certificates that I reloaded cannot be revoked. Certificates issued after the reload can be revoked. The following error appears in apache.
Using configuration from /usr/local/openca.0.9.1/openca/etc/openssl/openssl.cnf ERROR:name does not match /C=xx/O=yy/OU=zzz/CN=nnnn/serialNumber=238 unable to write 'random state'
This indicates a problem with the generated index.txt during the reload. Can you send me the exact errormessage and the line from the index.txt? You can replace names by dummies but please take care about blanks and tabs!
It looks like we added a blank or forget a blank at a critical position. The match fails if we created or forget a blank or use a wrong shortname. OpenSSL simply performs a string compare between the entry in the index.txt and the subject of the certificate.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
