[Openca-Users] CRINs

Fri, 15 Jul 2005 03:55:14 -0700 

I have set USE_REQUEST_PIN to YES in etc/servers/ca.conf (which is very 
usefull, because additional server generated CRINs are too complicate for 
users. Moreover Outlook e.g. cannot decrypt the Mail unless it contains X509 V3 
extendedKeyUsage=emailProtection, which is not wanted in certificates with 
other purposes, e.g. SSL Server)
- in the encrypted CRIN Mail I received, the @__SERIAL__@ and @__DN__@ were not 
substituted, but appeared exactly as those strings. The mail says correctly I 
should use the PIN entered 
during request generation for revoking the certificate.
- when I try to revoke the certificate via the pub interface, I first have to 
enter the CRIN twice in a form (together with a reason field and the serial 
number). After submitting this, I get a similar form, which distinguishes from 
the first only that the CRIN field appears only once ("Again CRIN"). I entered 
3 times the correct (100% sure!) PIN (which I entered at CSR generation), but I 
get "Fehler 690: Die CRINs sind verschieden". What's going wrong ?
(I can succesfully verify the PIN in the ra interface)

Best Regards --Michi

D.I. Michael Gsandtner 
Magistrat der Stadt Wien, MA 14 - ADV Referat EG1 
A 1082 Wien, Rathausstraße 1 
Email: [EMAIL PROTECTED] 
Telefon: +43 1 4000 91640 


-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to