[Openca-Users] Unable to connect to SCEP interface / Error 6296060 / Permision denied

Wed, 16 Feb 2005 06:10:16 -0800 

Hi FOlks,

I try to get SCEP working. I use 0.9.2.1 on an AMD64 with Susie 9.2

The system works fine, manual (Webfrontend) certificate management works fine, but I cant get SCEP to work.

I have done so far:
* created scep-certificate
* disabled accesscontrol (accesscontrol/scep.xml)
* map_role set to no

If I call the scep interface I get an OpenCA-HTML Screen:

Error 6296060: General Error Permission denied.

excerpt from the xml log:

    <class>access_control</class>
    <errno>6296060</errno>
    <errval>permission denied.</errval>
    <id>110856228178460093139617155133814985682905</id>
    <iso_timestamp>2005-02-16 13:58:01</iso_timestamp>
    <level>critical</level>
    <login>
        <name></name>
        <role></role>
        <type>none</type>
    </login>
    <message>loadconfig: entering function
    loading channel configuration ...
        channel type ... mod_ssl
        security protocol ... http
        source ... .*
        asymmetric cipher ... .*
        asymmetric keylength ... 0
        symmetric cipher ... .*
        asymmetric keylength ... 0
loadloginconfig: entering function
loadloginconfig: leaving function successfully
loadroleconfig: entering function
loadroleconfig: leaving function successfully
loadoperationconfig: entering function
loadoperationconfig: leaving function successfully
loadconfig: leaving function successfully
checking the channel ...
    loading channel data ...
        channel type ... mod_ssl
    check channel data ...
        channel type ... ok
        security protocol ... ok
        source ... ok
        asymmetric cipher ... ok
        asymmetric keylength ... ok
        symmetric cipher ... ok
        symmetric keylength ... ok
channel is ok
starting authentication ...
    channel type ... mod_ssl
    try to get a session ...
    try to login ...
        type ... none
        identification disabled
    checkacl ...
    rbac loaded
    role loaded
    operation loaded
    owner loaded
getaccess: real module: 33
getaccess: real role:
getaccess: real operation: ca-cert send
getaccess: real owner:
</message>

Any ideas ?

Oliver

--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat: http://www.ldv.ei.tum.de/page72

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to