The password I enter is echoed, there there seems to be a typo in lib/functions/misc-utils.lib:
$info_list->{BODY}->[0]->[1] = '<input type=passwd name="PASSWD_'.uc ($type).'" value="" size=16 minlength=8>';
The input type should probably be "password".
This is a typo. I fixed it and will commit it in some minutes :)
What kind of password should be entered there anyway? When I use the private key password again, I get "Error 700, General Error. Permission denied, Wrong Passphrase..."
The second password question seems to be a bug?!
No, this is not a bug. Today you can set this password on the RA interface. The idea is that a user uses server side key generation and then he wants to download a pkcs#12 file. This download must be explicitly allowed by a RA operator. The reason is that this second passphrase (which should be deleted after a short period of time) is a protection against brute-force attacks on the passphrase of the key (users select so often weak passphrases that we need an additional protection mechanism).
You have to go to the RA interface, select the certificate and there should be a link to set this passphrase (Set/Delete passphrase for key enrollment).
I know that this mechanism is a "little" bit comlicated but there was no better idea. If you have one then feel free to discuss it with us.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
