John A. Sullivan III wrote:
I used openssl x509 to examine the subject of every cert in
var/crypto/certs. Somehow, the very last two have the same DN. I
quadruple checked and they match character for character including
checking for terminating or initial spaces.
i think this is exactly the problem or better openssl does have here ;)
Could this be creating this problem? If so, how do I safely remove them?
Can I revoke them or, as I would suspect, will this create still show
duplicate DNs in the database? Thanks - John
no revoking would just add it to the crl if you issue one
but it would still appear in the list of issued certificates of course
but you can try to remove one entry from the openssl index file, usaly
this should help
(i'm not sure if openca may rebuild this from its own database, you it
would maybe add this entry again - just try... otherwise you have to
remove it from the internal openca db too, would be easy if you use a
real sql system...)
so next time you can just check var/crypto/index since this is the
internal openssl db... if you find there a line with the same DNs
openssl will usaly fail to operate... with this kind of error message
you have
greetings
dalini
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
