Hello everybody, My previous problems with the SCEP module of OpenCA are solved, but here is a new one :
When I request a cert using SSCEP, I can't succeed. I generate the request with : openssl req -newkey rsa:1024 -nodes -keyout r1.key -outform PEM \ -out r1.csr -subj \ '/C=DE/O=Deutsche Telekom/OU=Internet/CN=conchita.nmasse.homeip.net' I get the CA cert with : sscep getca -u http://cdp1.myca.os/cgi-bin/scep/scep -c ca.crt And I enroll the certificate with : sscep enroll -v -d -u http://cdp1.myca.os/cgi-bin/scep/scep \ -c ca.crt-0 -k r1.key -r r1.csr Then I approve the request and generate the cert, but the enrollment ends up with an error : sscep: cannot find requested certificate sscep: decrypting inner PKCS#7 sscep: PKCS#7 payload size: 1323 bytes sscep: found certificate with subject: /C=DE/O=Deutsche Telekom/OU=Internet/ CN=conchita.nmasse.homeip.net/serialNumber=20 issuer: /C=DE/O=Deutsche Telekom/CN=DT's root CA/ [EMAIL PROTECTED] It seems that OpenCA added serialNumber=20 to the cert's DN and SSCEP seems confused by that. Has anyone already used SSCEP ? And coped with this problem ? Best Regards, Nicolas MASSE. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
