Hi Martin,
thx 4 ur help, but u misunderstood the problem.
Martin Bartosch wrote:
But there's one question left. What about the ra-operator certificate ?
I generated it, when I initialized the ca. But when I want to install it
on the ra-machine, its not possible .... I mentioned this behaviour
before. If I try to download the certificate, its not the ra-operators
one that is shown, but the last user certificate that was issued. How do
I get the ra-operators certificate in my browser on the ra machine ?
An RA Operator certificate is exactly this, a user certificate giving
an individual the necessary credentials to act as Registration Officer.
That is clear now. But when I initialized the CA I created an
RA-Operator certificate for a person let me call him "Bert Bube". I used
the "ra-operator role" template for that one.
Then for testing reason I began to request, sign and issue several
certificates, for example with the existing template "user" or
selfgenerated templates for example for ssl-client-authentication and
efs. This way I issued round 10 certificates. The last "normal" user
certificate I issued for "Anna Aschenberger".
I did not use an ra-operator role here.
Then something lightened my brain and I decided to install the
previously generated ra-operator certificate on the ra-machine. So I
went to the ca, Initialization->Create the initial RA
certificate->Handle the certificate and expected to find Bert Bube's
certificate here but found "Anna Aschenbergers" one.
I'm sure its an intended behaviour, but I dont understand it. Do I need
to issue another ra-operator certificate using a browser on the ra
connecting to the ca ?
Greets
Jan Roesner
[EMAIL PROTECTED]
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server.
Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
