Hello Oliver, Thanks for your tip, it was the pass'characters such as '"è(ç&' that created havoc to issue the CSR... I changed the passphrase and it works again now; I ll learn more about openssl cmds, it is very usefull when troubles start!!!
Cheers, Jeremie -----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Oliver Welter Envoyé : lundi 22 août 2005 18:48 À : [email protected] Objet : Re: [Openca-Users] CA backup on another machine Hi Jeremie, > backup and pasted the var/crypto/ folders with the cacert and private key > from my working server to the new server but when it comes to issue a new > cert request or a new crl, my CA passphrase fails. > > I've got the following messages in the CA interface after entering the CA > passphrase: > - for new CSR signing request : Error 6702: General Error Cannot > use the private key of the CA (7113050). Wrong passphrase for private key! > - For new CRL building: > Initializing CA token ... ECHEC > OpenCA::Token errorcode: 7113050 > OpenCA::Token errormessage: Wrong passphrase for private key! > Hmm that seems strange... Can you first have a look into the cakey.pem file - is it a regular PEM encoded key ? (should look like: -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,ED8534.... ...some lines of chars.... -----END RSA PRIVATE KEY----- If it looks like this you can try the password on the key with > openssl rsa -in cakey.pem -noout Do you have any special chars in the passphres ? Well known troublemakers are $<>= - if so try to change the passphrase > openssl rsa -in cakey.pem.old -des3 -out cakey.pem.new Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME cryptographic signature
