Hello Johnny,
Sorry to answer you so late.... So, I send, with this mail, the log about the IssueCert function.
From my part, I tried to debug openssl with the command described in the log ("ca -batch -config.... -subj....."), to understand in which function the error appears. And I found that it appears when openssl parse the subject (in particular, in the UTF8_getc function).
But, I cannot always resolve this problem....
I need always help ! Anybody had the same problem ? Anybody use the accent letters (é, è...) ?
Thanks
Bone
Johnny Gonzalez <[EMAIL PROTECTED]> a écrit :
Hello bone,
I'm not an expert in this area, but could you please
send us the log info in stderr.log?
Johnny.
--- val bon <[EMAIL PROTECTED]>escribió:
> Hi all,
>
> I'd like to generate a certificate of which the CN
> and OU has "special characters" like 'é' or 'è' or
> 'â'... So I have installed the last openca (0.9.2.4)
> and openssl-0.9.8 for using UTF8.
>
> I've succeeded generate the request with the special
> DN (in RA). But when I want to issue it (in CA), the
> following error appears :
>
> Error 6761
> General Error Error while issuing Certificate(ilt)
> to Thomas Vélas (filename:
> /usr/local/ca/perso/OpenCA/var/tmp/0C.req).
>
> OpenCA::OpenSSL returns errorcode 7721075
> (OpenCA::OpenSSL->issueCert: OpenSSL fails
> (7777 067). Using configuration from
>
/user/local/ca/perso/OpenCA/etc/openssl/openssl/user.conf
> Check that the request matches the signature
> Signature OK
> 987:error:0D07A086:asn1 encoding
> routines:ASN1_mbstring_ncopy:invalid
> utf8string:a_mbstr.c:132:
> error in ca
> ).
>
> I must find the problem because some users have name
> with this special characters !!! But I didn't find a
> message in this list with the same error.....
>
> Can you help me ?
> Thanks
>
> Bone
>
>
>
>
> ---------------------------------
> Appel audio GRATUIT partout dans le monde avec le
> nouveau Yahoo! Messenger
> Téléchargez le ici !
______________________________________________
Renovamos el Correo Yahoo!
Nuevos servicios, más seguridad
http://correo.yahoo.es
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server.
Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez le ici !
OpenCA::AC->getAccess: access granted OpenCA::AC-> access granted OpenCA::AC->initToken: starting OpenCA::AC-> OpenCA::AC->getTokenParam ... OpenCA::AC-> OpenCA::AC->getTokenParam: name=CA OpenCA::AC-> OpenCA::AC->getTokenParam: argc=1 OpenCA::AC-> OpenCA::AC->getTokenParam: argv=TESTS OpenCA::AC-> OpenCA::AC->getTokenParam: restore CGI data OpenCA::AC->initToken: successfully finished OpenCA::Crypto->getToken: entering function OpenCA::Crypto->getToken: CA OpenCA::Crypto->getToken: token added OpenCA::Crypto->getToken: token is present OpenCA::Crypto->getToken: token is usable OpenCA::AC-> OpenCA::AC->getTokenParam ... OpenCA::AC-> OpenCA::AC->getTokenParam: name=CA OpenCA::AC-> OpenCA::AC->getTokenParam: argc=1 OpenCA::AC-> OpenCA::AC->getTokenParam: argv=TESTS OpenCA::AC-> OpenCA::AC->getTokenParam: restore CGI data OpenCA::OpenSSL->dataConvert: resetting error from -1 to 0. OpenCA::OpenSSL->dataConvert: passwd is set OpenCA::OpenSSL->dataConvert: inpwd is set OpenCA::OpenSSL->dataConvert: outpwd is set OpenCA::OpenSSL->dataConvert: command=pkcs8 -passin env:inpwd -passout env:outpwd -out /usr/local/ca/perso/OpenCA/var/tmp/801_cnv.tmp -in /usr/local/ca/perso/OpenCA/var/crypto/keys/cakey.pem -topk8 -outform PEM -inform PEM OpenCA::OpenSSL->dataConvert: using infile OpenCA::OpenSSL->_execute_command: entering function OpenCA::OpenSSL->_start_shell: try to start shell OpenCA::OpenSSL->_start_shell: | /usr/local/ssl-9.8/bin/openssl 1>/usr/local/ca/perso/OpenCA/var/tmp/801_stdout.log 2>/usr/local/ca/perso/OpenCA/var/tmp/801_stderr.log OpenCA::OpenSSL->_start_shell: shell started OpenCA::OpenSSL->_execute_command: pkcs8 -passin env:inpwd -passout env:outpwd -out /usr/local/ca/perso/OpenCA/var/tmp/801_cnv.tmp -in /usr/local/ca/perso/OpenCA/var/crypto/keys/cakey.pem -topk8 -outform PEM -inform PEM
OpenCA::OpenSSL->_execute_command: executed OpenCA::OpenSSL->_execute_command: command executed - stopping shell OpenCA::OpenSSL->_stop_shell: try to stop shell OpenCA::OpenSSL->_execute_command: check for error OpenCA::OpenSSL->_execute_command: detected error log OpenCA::OpenSSL->_execute_command: stderr: OpenCA::OpenSSL->_execute_command: leaving successful (return: 1) OpenCA::OpenSSL->dataConvert: openssl itself successful OpenCA::OpenSSL->dataConvert: passphrases deleted OpenCA::OpenSSL->dataConvert: return result like follows OpenCA::OpenSSL->dataConvert: -----BEGIN ENCRYPTED PRIVATE KEY----- .... I can't show this key !!!!!! -----END ENCRYPTED PRIVATE KEY----- crypto-utils.lib: crypto_get_csr_subject: $cert_subject: serialNumber=12,C=FR, CN=Thomas Vélas OpenCA::OpenSSL->setParams: key: CONFIG OpenCA::OpenSSL->setParams: value: /usr/local/ca/perso/OpenCA/etc/openssl/openssl/User.conf OpenCA::Tools->copyFiles: variable dump OpenCA::Tools->copyFiles: src = /usr/local/ca/perso/OpenCA/var/crypto/index.txt OpenCA::Tools->copyFiles: filelist = /usr/local/ca/perso/OpenCA/var/crypto/index.txt OpenCA::Tools->copyFiles: variables defined to copy a file (from /usr/local/ca/perso/OpenCA/var/crypto/index.txt to /usr/local/ca/perso/OpenCA/var/tmp/openssl_backup_801_index.txt) OpenCA::Tools->copyFiles: /usr/local/ca/perso/OpenCA/var/crypto/index.txt was opened for reading OpenCA::Tools->copyFiles: /usr/local/ca/perso/OpenCA/var/tmp/openssl_backup_801_index.txt was opened for writing OpenCA::Tools->copyFiles: copying completed OpenCA::Tools->copyFiles: variable dump OpenCA::Tools->copyFiles: src = /usr/local/ca/perso/OpenCA/var/crypto/serial OpenCA::Tools->copyFiles: filelist = /usr/local/ca/perso/OpenCA/var/crypto/serial OpenCA::Tools->copyFiles: variables defined to copy a file (from /usr/local/ca/perso/OpenCA/var/crypto/serial to /usr/local/ca/perso/OpenCA/var/tmp/openssl_backup_801_serial) OpenCA::Tools->copyFiles: /usr/local/ca/perso/OpenCA/var/crypto/serial was opened for reading OpenCA::Tools->copyFiles: /usr/local/ca/perso/OpenCA/var/tmp/openssl_backup_801_serial was opened for writing OpenCA::Tools->copyFiles: copying completed OpenCA::OpenSSL->issueCert: subject_rfc2253: serialNumber=12,C=FR, CN=Thomas Vélas OpenCA::OpenSSL->issueCert: subject parsed by X500::DN OpenCA::OpenSSL->issueCert: subject_x500: /CN=Thomas Vélas/C=FR/serialNumber=12 OpenCA::OpenSSL->issueCert: openssl=ca -batch -config /usr/local/ca/perso/OpenCA/etc/openssl/openssl/User.conf -keyfile /usr/local/ca/perso/OpenCA/var/crypto/keys/cakey.pem -passin env:pwd -days 355 -extfile /usr/local/ca/perso/OpenCA/var/tmp/User.ext -preserveDN -subj "/CN=Thomas Vélas/C=FR/serialNumber=12" -in /usr/local/ca/perso/OpenCA/var/tmp/0C.req OpenCA::OpenSSL->_execute_command: entering function OpenCA::OpenSSL->_start_shell: try to start shell OpenCA::OpenSSL->_start_shell: | /usr/local/ssl-9.8/bin/openssl 1>/usr/local/ca/perso/OpenCA/var/tmp/801_stdout.log 2>/usr/local/ca/perso/OpenCA/var/tmp/801_stderr.log OpenCA::OpenSSL->_start_shell: shell started OpenCA::OpenSSL->_execute_command: ca -batch -config /usr/local/ca/perso/OpenCA/etc/openssl/openssl/User.conf -keyfile /usr/local/ca/perso/OpenCA/var/crypto/keys/cakey.pem -passin env:pwd -days 355 -extfile /usr/local/ca/perso/OpenCA/var/tmp/User.ext -preserveDN -subj "/CN=Thomas Vélas/C=FR/serialNumber=12" -in /usr/local/ca/perso/OpenCA/var/tmp/0C.req OpenCA::OpenSSL->_execute_command: executed OpenCA::OpenSSL->_execute_command: command executed - stopping shell OpenCA::OpenSSL->_stop_shell: try to stop shell OpenCA::OpenSSL->_execute_command: check for error OpenCA::OpenSSL->_execute_command: detected error log OpenCA::OpenSSL->_execute_command: stderr: Using configuration from /usr/local/ca/perso/OpenCA/etc/openssl/openssl/User.conf Check that the request matches the signature Signature ok 805:error:0D07A086:asn1 encoding routines:ASN1_mbstring_ncopy:invalid utf8string:a_mbstr.c:132: error in ca OpenCA::OpenSSL->setError: errno: 7777067 OpenCA::OpenSSL->setError: errval: Using configuration from /usr/local/ca/perso/OpenCA/etc/openssl/openssl/User.conf Check that the request matches the signature Signature ok 805:error:0D07A086:asn1 encoding routines:ASN1_mbstring_ncopy:invalid utf8string:a_mbstr.c:132: error in ca OpenCA::OpenSSL->setError: errno: 7731075 OpenCA::OpenSSL->setError: errval: OpenCA::OpenSSL->issueCert: OpenSSL fails (7777067). Using configuration from /usr/local/ca/perso/OpenCA/etc/openssl/openssl/User.conf Check that the request matches the signature Signature ok 805:error:0D07A086:asn1 encoding routines:ASN1_mbstring_ncopy:invalid utf8string:a_mbstr.c:132: error in ca OpenCA::Tools->copyFiles: variable dump OpenCA::Tools->copyFiles: src = /openssl_backup_801_index.txt OpenCA::Tools->copyFiles: filelist = /openssl_backup_801_index.txt OpenCA::Tools->copyFiles: variable dump OpenCA::Tools->copyFiles: src = /openssl_backup_801_serial OpenCA::Tools->copyFiles: filelist = /openssl_backup_801_serial OpenCA::OpenSSL->_stop_shell: try to stop shell OpenCA::OpenSSL->_stop_shell: try to stop shell
