Hello, does anybody read the list who developes or works with openca?
> Ralf Hornik Mailings wrote: > when I want to approve a CSR with digital signing using Internet Explorer > 6 it works well but when I do the same with an CRR (same signing > certificate)I get the following: > > Error 6206 > General Error Cannot build PKCS#7-object from extracted signature! > OpenCA::PKCS7 returns errorcode 7911031 (OpenCA::PKCS7->new: Cannot > initialize signature (7912021). OpenCA::PKCS7->initSignature: Cannot parse > signature (7921021). OpenCA::PKCS7->getParsed: The crypto-backend cannot > verify the signature (7742075). OpenCA::OpenSSL->verify: openca-sv failed. > [Error]: error:04077068:rsa routines:RSA_verify:bad signature > [Info]: Input file intialized. > [Info]: Signaturefile initialized. > [Info]: Reading Certificate file. > [Info]: PKCS#7 object loaded. > [Info]: Data is ready for verification. > [Info]: Signature Informations (PKCS#7): > depth:1 serial:BAAB7AAE9EDF433E > subject:[EMAIL PROTECTED],CN=Test Root CA,OU=PKI,O=Some > Company,C=DE > depth:0 serial:02 > subject:serialNumber=2,[EMAIL PROTECTED],CN=Registration > Authority Administrator,OU=Trustcenter,O=Some Company,C=DE > [Info]: Signature is corrupt. Errorcode -1. > signature:error:-1 > ). I believe that is a known problem because I found the following: http://www.mail-archive.com/[email protected]/msg02824.htm > When I approve a user validated CRR (using CRIN) OpenCA tells me that it > has been signed correctly but later I see a "broken singature" and "no > pksc7 object has been created" when I view the CRR. > > On mozilla id doesn't create any digital signature at all, neither > approving any C[SR]R nor login using x.509 or anything else. > > I tested it with Mozilla Firefox version 1.0.6 to 1.5 (secClab > installed) and IE version 6. > > Can anybody help me? Is this a client side Issue? Is this (or might be) a client side issue, (e.g. in Mozilla or IE)? Any tips/expiriences/solutions/workarounds/patches/info needed/...? Thanks Ralf Perlversion 5.8.6 Opensslversion 0.9.7a OpenCA ----------------------------- OpenSSL 0.9.135.2.11 Tools 0.4.3 DB 0.9.115.2.8 Configuration 1.5.3 TRIStateCGI 1.5.5 REQ 0.9.61.2.1 X509 0.9.57 CRL 0.9.24.2.1 PKCS7 0.9.19.2.5 ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
