> Error 700 General Error > The compilation of the command cmdViewCSR failed. Can't use an undefined > value as a HASH reference at > /usr/local/openra/openca/lib/functions/crypto-utils.lib line 1185.
hmm this looks like some file or request couldn't be found (undefined HASH)... maybe your cakey is empty or not there at all, did you do the initial dataexchange between ca and ra before using the ra? greetings dalini ---------------------------------------------- Hello Ives, I´m at home now, so I can´t send you configuration files. I do exactly this things http://www.openca.info/docs/howto/OpenCA_092_on_debian_dartmouth.txt connect to the ca: http://myhost.wherever.edu/openca Series of tabs should be visible. Select General->Initialization Phase I Initialize the Certification Authority Initialize Database initialize-> intialize DB .(reports sucess, but a slurry of error messages about table not found may appear on the console) initalize -> initalize phase 1 -> generate new secret key: des3 rsa 1024 (enter the pwd to protect the key) initalize -> initalize phase 1 -> generate new cert request (args as appropriate)(I think you need to set the email to match the sender from the config file, but am not sure) initalize -> initalize phase 1 -> Self Signed CA Certificate (from altready generated request): 730 days initalize -> initalize phase 1 -> Rebuild CA Chain initalize -> initalize phase 2 -> new request: fields as appropriate. This is the cert for the ca admin initalize -> initalize phase 2 -> edit request: (submit)(issue) initalize -> initalize phase 2 -> handle request: export as p12 (pwd the PIN entered during request) save to disk, import into browser initalize -> initalize phase 3 -> new request: (RAOperator as role) initalize -> initalize phase 3 -> edit request: (submit)(issue) initalize -> initalize phase 3 -> handle request: export as p12 (pwd the PIN entered during request) save to disk, import into browser Now initialize the RA database http://myhost.wherever.edu/ra-node Admin->Server Init, initialize DB Admin->Server Init, Import Configuration Now move the Certs down to the RA http://myhost.wherever.edu/openca Now export info to the RA: General -> Node Management (brings you to CA-NODE urls) Administration->Dataexchange Enroll data to a lower level of the hierarchy->all General-> Registration Authority (to the ra) General-> node management (to the ra-node) Administration->Dataexchange Download data from a higher level of the hierarchy->All (errors getting CA certificate are ok and expected; it came from the import config above) Now to issue the first client certificate: http://myhost.wherever.edu/pub User->Request a Certificate->Request a certificate with automatic browserdetection (fill out fields as desired)(note the request serial number generated; use it to pick it up below) Now approve the request: http://myhost.wherever.edu/ra Active CSRs->New->(search) click on submit name/serial number (color link) The dataexchange in config.xml of openra and openca directories looks like this: !-- these are the devices for the default dataexchange --> (these might not be in config.xml; if not, see below) <name>dataexchange_device_up</name> <value>/usr/local/openca/openca/var/tmp/ca-up</value> </option> <option> <name>dataexchange_device_down</name> <value>/usr/local/openca/openca/var/tmp/ca-down</value> </option> <option> <name>dataexchange_device_local</name> <value>/usr/local/openra/openca/var/tmp/ra-local</value> Is it possible, that in the docu from Kevin Mitcham http://www.openca.info/docs/howto/OpenCA_092_on_debian_dartmouth.txt missing one or two tasks ? Friendly Regards Herbert -- Lust, ein paar Euro nebenbei zu verdienen? Ohne Kosten, ohne Risiko! Satte Provisionen für GMX Partner: http://www.gmx.net/de/go/partner ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
