BTW can you give us an information which directory server do you use? This helps us to write a better documentation because we know which directory server can cause which problems. We know that OpenLDAP is more strict from release to release but we heard one special sideeffect from Novell too.
Michael
Thank you Michael for all your time helping myself and others on this list as I have found answers in your replies to others. I no doubt speak for many when I say we appreciate your patience and dedication.
To answer your question, I am using OpenLDAP 2.1.25 which is referred to as their /stable/ release.
My OpenCA 0.9.1-7 installation does have the DN_WITHOUT_EMAIL set to "Y" as you have recommended. It was however the generation of the self-signed CA-Certificate that had the email address in the DN which was causing OpenLDAP to complain about the naming attribute 'email' not present in entry. I am guessing that the DN_WITHOUT_EMAIL does not apply to the CA-Certificate generation. I happily got around this CA-Certificate generation problem by simply leaving the email field empty when doing Initialize CA Phase 1.
Gene Hovey
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
