[Openca-Users] sscep vs OpenCA

Tue, 08 Aug 2006 10:27:34 -0700 

I have fixed some SCEP issues in my setup, and was trying to finish this. 
Running sscep patched with the certnanny patches, I get:


sscep enroll -f sscep.conf -v
sscep: starting sscep, version 20060428
sscep: hostname: ra.telkomsa.net
sscep: directory: cgi-bin/openca/scep/scep
sscep: port: 80
sscep: new transaction
sscep: transaction id: E55DC8C0C23E2ACEC5ED75E7F46CFEA5
sscep: generating selfsigned certificate
sscep: selfsigned certificate written as ./selfsigned.crt
sscep: SCEP_OPERATION_ENROLL
sscep: sending certificate request
sscep: creating inner PKCS#7
sscep: data payload size: 608 bytes
sscep: successfully encrypted payload
sscep: envelope size: 980 bytes
sscep: creating outer PKCS#7
sscep: signature added successfully
sscep: adding signed attributes
sscep: adding string attribute transId
sscep: adding string attribute messageType
sscep: adding octet attribute senderNonce
sscep: PKCS#7 data written successfully
sscep: applying base64 encoding
sscep: base64 encoded payload size: 3677 bytes
sscep: server returned status code 200
sscep: MIME header: x-pki-message
sscep: valid response from server
sscep: reading outer PKCS#7
sscep: PKCS#7 payload size: 2328 bytes
sscep: PKCS#7 contains 0 bytes of enveloped data
sscep: verifying signature
sscep: error verifying signature
13084:error:04077077:rsa routines:RSA_verify:wrong signature 
length:rsa_sign.c:154:
13084:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature 
failure:pk7_doit.c:868:


What would be causing this problem ?

How can I see more about this on the OpenCA side (the log configured in 
log.xml does not show very much regarding this).

The versions shown on the Node page are:

OpenSSL         0.9.135.2.4
Tools   0.4.3
DB      2.0.5
Configuration   1.5.3
TRIStateCGI     1.5.5
REQ     0.9.61
X509    0.9.57
CRL     0.9.24
PKCS7   0.9.19


openca-scep is 0.9.2 and openca is 0.9.2.2.


Regards,
Buchan

-- 
Buchan Milne
ISP Systems Specialist
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)

Attachment: pgp02BEr0yFBs.pgp
Description: PGP signature

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to