Hi *, I still get the error (as mentioned weeks before) here is my scep.conf:
# Secure Server Configuration File ## (c) 1999 by Massimiliano Pala and the OpenCA Group ## ## Please Refer to the Documentation for a full detailed ## description of params. Read the README file in this dir ## for more infos on programs accessing this file. ## ============== [ General Section ] ========================= ScepAllowEnrollment "YES" ScepAllowRenewal "YES" ScepKeepSubjectAltName "YES" ScepRenewalRDNMatch "" # Defaults for initial enrollment ScepDefaultRole "User" #ScepDefaultRA "MyRA" ScepAutoApprove "NO" DEFAULT_LANGUAGE "en_GB" DEFAULT_CHARSET "iso-8859-1" DBmodule "DBI" CgiLibPath "/export/openca-pub/openca/lib/functions" CgiServerType "scep" CgiServerName "scep" HtdocsUrlPrefix "" SessionDir /export/openca-pub/openca/var/session/cookie SessionLifetime 1200 ModuleID 33 ModuleShift 8 AccessControlConfiguration "/export/openca-pub/openca/etc/access_control/scep.xml" SoftwareConfiguration "/export/openca-pub/openca/etc/config.xml" RoleConfiguration "/export/openca-pub/openca/etc/rbac/roles.xml" ModuleConfiguration "/export/openca-pub/openca/etc/rbac/modules.xml" TokenConfiguration "/export/openca-pub/openca/etc/token.xml" LogConfiguration "/export/openca-pub/openca/etc/log.xml" CertsDir "/export/openca-pub/openca/var/crypto/certs" CACertificate "/export/openca-pub/openca/var/crypto/cacerts/cacert.pem" ChainDir "/export/openca-pub/openca/var/crypto/chain" CRLDir "/export/openca-pub/openca/var/crypto/crls" ## Paths openssl "/usr/bin/openssl" sslconfig "/export/openca-pub/openca/etc/openssl/openssl.cnf" scepPath "/export/openca-pub/bin/openca-scep" tempdir "/export/openca-pub/openca/var/tmp" crlfile "/export/openca-pub/openca/var/crypto/crls/cacrl.crl" ## ==================== [ LOA Support ] ========================= ## USE_LOAS takes either YES or NO USE_LOAS "yes" ## ==================== [ SCEP Section ] ====================== ## It is just an example, you should change the 03.pem and/or ## the path pointing to the right key/cert pair ScepRACert "/export/openca-pub/openca/etc/scep/certs/scep_ra.pem" ScepRAKey "/export/openca-pub/openca/etc/scep/private/scep_ra.pem" ScepRAPasswd "" ## ================== [ End SCEP Section ] ==================== Best regards /Ralf > Ralf Hornik Mailings schrieb: > Dear list, > > I try to work with sscep (OpenBSD) and can successfully download the > ca-certificate using scep. > > But when I try to enroll a certificate (sscep enroll -f /etc/sscep.conf -c > ca.crt -r local.csr) it fails and stderr.log shows: > > OpenCA: General error trapped 700: The compilation of the command > cmdScepPKIOperation failed. Modification of a read-only value attempted at > /export/openca-pub/modules/perl5/OpenCA/Logger/Syslog/Sys.pm line 91.<br> > Compilation failed in require at > /export/openca-pub/openca/etc/openca_start line 62. > > The same gets the sscep client, when I trace the process. > > My scep.conf file is unchanged except the path to teh key and certificate > for the scep interface. access_control/scep.xml is only "map_role" set to > "no". The scep interface is located on the RA side. OpenCA version is > 0.9.2.5. > > Has anybody an idea? > > Thanks and best Regards > > Ralf > > > > _______________________________________________ > Openca-Users mailing list > Openca-Users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openca-users > -- _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
