Ives Steglich wrote:
Konstantin Khrooschev wrote:
k, so how does your scep.conf looks like?there is an interesting question i forgot to ask:
how is your openca setuped? have you a certificate and key pare for scep
at the openca.xml file before running ./configure_etc.sh?
no. scep configured in scep.conf afer that.
---------------------------
## ============== [ General Section ] =========================
DEFAULT_LANGUAGE "C"
DEFAULT_CHARSET "iso-8859-1"
DBmodule "DB"
CgiLibPath "/usr/local/OpenCA/lib/servers/scep/functions"
CgiCmdsPath "/usr/local/OpenCA/lib/servers/scep/cmds"
CgiServerType "scep"
CgiServerName "pub"
HtdocsUrlPrefix ""
SessionDir /usr/local/OpenCA/var/session/cookie
SessionLifetime 1200
ModuleID 33
ModuleShift 8
AccessControlConfiguration "/usr/local/OpenCA/etc/access_control/scep.xml"
SoftwareConfiguration "/usr/local/OpenCA/etc/config.xml"
RoleConfiguration "/usr/local/OpenCA/etc/rbac/roles.xml"
ModuleConfiguration "/usr/local/OpenCA/etc/rbac/modules.xml"
TokenConfiguration "/usr/local/OpenCA/etc/token.xml"
LogConfiguration "/usr/local/OpenCA/etc/log.xml"
CertsDir "/usr/local/OpenCA/var/crypto/certs"
CACertificate "/usr/local/OpenCA/var/crypto/cacerts/cacert.pem"
ChainDir "/usr/local/OpenCA/var/crypto/chain"
CRLDir "/usr/local/OpenCA/var/crypto/crls"
## Paths
openssl "/usr/bin/openssl"
sslconfig "/usr/local/OpenCA/etc/openssl/openssl.cnf"
scepPath "/usr/local/OpenCA/bin/openca-scep"
tempdir "/usr/local/OpenCA/var/tmp"
crlfile "/usr/local/OpenCA/var/crypto/crls/cacrl.crl"
## ==================== [ SCEP Section ] ======================
## It is just an example, you should change the 03.pem and/or
## the path pointing to the right key/cert pair
ScepRACert "/usr/local/OpenCA/ssl.crt/server.pem"
ScepRAKey "/usr/local/OpenCA/ssl.crt/key.pem"
ScepRAPasswd "RTS Test Key"
## ================== [ End SCEP Section ] ====================
------------------------------------
# ls -l /usr/local/OpenCA/ssl.crt/server.pem
-rw-r--r-- 1 root www-data 2217 Jul 15 11:05 /usr/local/OpenCA/ssl.crt/server.pem
# ls -l /usr/local/OpenCA/ssl.crt/key.pem
-rw-r--r-- 1 root www-data 964 Jul 15 11:06 /usr/local/OpenCA/ssl.crt/key.pem
-----------------------------------
-- Konstantin Khrooschev. RTS Stock Exchange. Network Department.
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
