Hi i am using RC4 and have a problem with the generated certificates and the email sent by OpenCA.
I cannot decrypt the mail sent by OpenCA.
My Mozilla 1.6 complains about the message: * the message has no digital signature * the message cannot be decrypted: There are unknown problems with this encrypted message.
I have imported my CA-Certificate and the pkcs12 and a cert via the pub interface, selected those for decrypting messages in my mozilla.
When i view the certificate in my mozilla preferences i dont see an email address in the CN. Instead i see something like Object Identifier (2 5 4 5 ) =1 CN= Michael Konietzka OU= Trustcenter O= Schlund C= DE
and many Object Identifier (x x x x ) in the "Extensions"
When i use the certificates for encrypting/signing my own emails, there are no complaints.
I have installed OpenSSL 0.9.7c 30 Sep 2003.
Any hints?
If i backup certficate and key, and look at the certficate via openssl i get the following output:
> openssl x509 -in konietzka.cert -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, O=SP, OU=PKI, CN=Schlund Test CA/[EMAIL PROTECTED]
Validity
Not Before: May 11 12:00:43 2004 GMT
Not After : May 11 12:00:43 2005 GMT
Subject: C=DE, O=Schlund, OU=Trustcenter, CN=Michael Konietzka/serialNumber=1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit)
Modulus (512 bit):
00:b3:1b:18:66:7e:78:31:5a:50:fe:07:44:dd:ef:
c8:25:56:71:71:9d:90:b0:59:20:3f:36:bd:15:72:
d3:42:ad:83:7b:8f:65:4d:ca:1c:51:12:31:a6:f3:
f3:b3:05:a5:12:cb:f0:72:88:fa:2f:16:a7:8b:2d:
a7:5b:65:95:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Certificate Policies:
Policy: 1.2.3.3.4
Policy: 1.2.3.3.5
Policy: 1.2.3.3.6
CPS: http://some.url.org/cps
Netscape Cert Type:
SSL Client, S/MIME, Object Signing
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection, Microsoft Smartcardlogin
Netscape Comment:
Certification Authority Administrator of Schlund
X509v3 Subject Key Identifier:
4B:2F:3C:F9:78:67:FC:D5:A1:76:A6:C8:A4:1A:A9:0B:97:48:C9:F2
X509v3 Authority Key Identifier:
keyid:81:2F:92:16:67:10:35:FF:69:FE:DF:EE:7D:89:E8:83:11:F9:03:19
DirName:/C=DE/O=SP/OU=PKI/CN=Schlund Test CA/[EMAIL PROTECTED]
serial:00
X509v3 Subject Alternative Name:
email:[EMAIL PROTECTED]
X509v3 Issuer Alternative Name:
email:[EMAIL PROTECTED]
Netscape CA Revocation Url:
http://ra.rossi.ue.schlund.de/pub/crl/cacrl.crl
Netscape Revocation Url:
http://ra.rossi.ue.schlund.de/pub/crl/cacrl.crl
X509v3 CRL Distribution Points:
URI:http://ra.rossi.ue.schlund.de/pub/crl/cacrl.crlBest regards Michael
------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
