Hi List- Many thanks for suggestions relating to my other posts here (some of which I'm still trying to resolve), but I did get a successful configure/make/make install of OpenCA according to the OpenCA Cookbook that Johnny Gonzalez referred me to on a SuSE 9.0 box. I'm still struggling with this part on a Gentoo system, but with the SuSE system, I may be suffering from a configuration problem, and that's what I'm trying to resolve with this message.
I have the following error upon accessing https://localhost/ra Error Aborting connection - you are using a too short symmetric keylength (). General Error. 6251043. I saw in the archives in May where someone else had this problem and Michael pointed out the solution by explaining that the keylength in etc/access_control/ra.xml file was appraently the problem. In my etc/access_control/ra.xml, I have the following: <openca> <access_control> <channel> <type>mod_ssl</type> <protocol>ssl</protocol> <source>.*</source> <asymmetric_cipher>.*</asymmetric_cipher> <asymmetric_keylength>0</asymmetric_keylength> <symmetric_cipher>.*</symmetric_cipher> <symmetric_keylength>128</symmetric_keylength> </channel> ... And when I use Mozilla Firefox to view https://localhost/ra and click the lock, it reports that the connection is encrypted with High-grade Encryption (AES-256 256 bit). Perhaps OpenCA doesn't know about the AES cipher? Or is it this other thing that Michael mentioned in his reply to that poster: "The empty () at the end of the errormessage looks like a general problem with your SSL" I have no problems viewing other content over the https protocol. Only OpenCA stuff. Any help here? -Kevin ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
