AW: [Openca-Users] openssl.cnf

Thu, 15 Sep 2005 02:49:36 -0700

Hi,

thanks for your reply…

 

so Oliver is right and you didn’t have to change the openssl.cnf?

Mario

 

Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von worou noee
Gesendet: Donnerstag, 15. September 2005 09:40
An: [email protected]
Betreff: RE: [Openca-Users] openssl.cnf

 

Hi,

i have worked with madarche and here is what we have done to use the dc style:

 

In the config.xml of both CA and RA

in the section "General option we have had

<option>

    <name>dc_1</name>

    <value>int</value>

<option>

<option>

    <name>dc_2</name>

    <value>bceao</value>

<option>

dc-1 correspond to the root of the ldap base

dc-2 is the second component of the ldap base.

 

In ra.conf.template, ca.conf.template

In the section DN_TYPE ::= SPACK

we comment

#DN_TYPE_SPACK_BASE "O" "C"

And replace it with

DN_TYPE_SPACK_BASE "DC" "DC"

Also comment

#DN_TYPE_SPACK_BASE _1 "@ca_organisation@

#DN_TYPE_SPACK_BASE _2 "@ca_contry@"

And replace it with

DN_TYPE_SPACK_BASE _1 "@dc_2@

DN_TYPE_SPACK_BASE _2 "@dc_1@"

this because DC_TYPE_SPACK_BASE_2 Correspond to the root of the ldap base

 

Repeat this procedure in this section

DN_TYPE ::=IE

 

In the file pub.conf.template,repeat the same processus in thess sections

DN_TYPE ::=BASIC

DN_TYPE ::=TOKEN (if necessary)

DN_TYPE ::=SPACK

DN_TYPE ::=IE

 

I think it's all. My English is not so good . Hope that you understand what i want to say, tell me if some thinf are not clear.

Don't forget to run the configure_etc.sh

 

Mme Guei Noée Melaine
Mario Caspari <[EMAIL PROTECTED]> a écrit :

Hi all,

 

I’m now trying to get the ldap stuff running…but there are some problems.

First off all, I can’t find any hints how to change the openssl.cnf to suit the “dc style” configuration. I found a posting from april this year, where “madarche” announced something like a howto for this problem, but I can’t find it. And then, when I want openca to insert the ca certificate into the directory over the ldap interface, I get an error: “no global superior”, but probably this is just a inherited error from the first one.

 

You have some hints?

Thanks in advance

Mario

 

 

Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez le ici !

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to