On Wed, 2005-08-31 at 10:57 +0100, Chris Covell wrote: > Hello there, > > can you do some tests please ? > > Using OpenSSL can you dump the CA private key using the CA password ? If > you cann't, then this is some sort of problem with the key pem file (are > you sure that it is the same as the original, i.e. is a binary copy, I > am thinking of cr/lf type issues).
diff backup_cakey.pem cakey.pem -s Files backup_cakey.pem and cakey.pem are identical > > Are you sure that you copied the CA private key, chain and certificate > files to the correct place when you recovered your backup ? > I'm sure that all pieces are in your place :-( Searching in google appears to be a problem with openssl > Chris... > > Jorge I. Davila L. wrote: > > The files is the same that I have in my backup. > > > > The only thing that has changed is the pass-phrase for the ca operator. > > > > I think the change of the pass-phrase don't affect nothing... I'm wrong? > > > > > > On Tue, 2005-08-30 at 10:19 -0600, Jorge I. Davila L. wrote: > > > >>Hi all!: > >> > >> > >>I'm facing the same problem ... but I tried the proposed solution > >>without results. > >> > >>Someone have another suggest? > >> > >>On Mon, 2005-08-22 at 18:25 +0400, Jeremie BOYER wrote: > >> > >>>Hi everybody, > >>> > >>>I tried to backup my CA server onto another machine. > >>> > >>>I use openca 0.9.2.2, openssl-0.9.7f-7 and mysql as database. Everything > >>>seems to work good from the pub/ra/ra-node/ca/ca-node interfaces. > >>> > >>>But the problem I'm currently facing with is that the CA passphrase for the > >>>CA private key (cakey.pem)doesn't work anymore on my new server. I have > >>>backup and pasted the var/crypto/ folders with the cacert and private key > >>>from my working server to the new server but when it comes to issue a new > >>>cert request or a new crl, my CA passphrase fails. > >>> > >>>I've got the following messages in the CA interface after entering the CA > >>>passphrase: > >>>- for new CSR signing request : Error 6702: General Error > >>>Cannot > >>>use the private key of the CA (7113050). Wrong passphrase for private key! > >>>- For new CRL building: > >>>Initializing CA token ... ECHEC > >>>OpenCA::Token errorcode: 7113050 > >>>OpenCA::Token errormessage: Wrong passphrase for private key! > >>> > >>>Any ideas ? How it comes when you backup a private CA key from one server > >>>to > >>>another the passphrase fails ? > >>> > >>>Thanks in advance for your help; > >>> > >>>Cheers, > >>> > >>> > >>>Jeremie > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Openca-Users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openca-users -- Jorge Isaac Davila Lopez ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
