Hi, >> Thanks very much for the tip, I tried and it worked...almost... >> the certificates look good, but the ca certificate is shown with a wrong >> serial key, and when I click on it to display the contents I get an >> error that the ca certificate was not found in the database. >> The ca certificate serial key in the DB is ok, but somehow the openca >> commands are not able to correctly extract it. > > Other idea - put the pem-file of the ca.certificate as a tar-file on a > Flopy (or your configured dataexchange media) on the CA and import the > certificate as you will do after signing it by a foreign CA. I hope this > will import the certificate correctly into the database and not > overwrite some informaton (dont try it with your live data !!).
this is really worth a try. I have done the following successfully: - connect to database - 'delete from ca_certificate' - table should now be empty - import the ca cert as Oliver mentioned above: - put the CA certificate (PEM format) in the current directory - name it 'cacert.pem' - assuming you use /dev/fd0 as exchange medium: tar cf /dev/fd0 cacert.pem - run the import step of OpenCA initialization - now the CA certificate should be successfully imported in your var/crypto/cacerts and in the database Assuming you have a backup, this is also safe on a production system if you know what you are doing. Martin ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
