To fix this bug, I replaced line 2576 in OpenSSL.pm $smime->encrypt(CERTIFICATE => $sign_x509) with $smime->encrypt(CERTIFICATE => $enc_x509)
I was having the same problem with unreadable CRIN-mail, and so I updated the file with this fix and re-installed OpenCA. Unfortunately, now the RA won't send email at all.
I have confirmed that send_mail_automatic is set to yes, and that sendmail is configured correctly. I can send the generated crin mails (from var/temp/mail/crins) by hand, but they are still unreadable.
The problem is mostly just an annoyance at this point, as we have another (later) version of OpenCA running, and generating CRIN-mail correctly.
Are the CRIN-mail messages the only way to revoke certificates? Is there a way for the admin to revoke a certificate without having the CRIN code: [ revocation pin ]? Or to find out the CRIN code?
For example, to revoke the certificate of a user who is no longer affiliated with the CA orginization.
Kevin
-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users