Hi, > I have fixed some SCEP issues in my setup, and was trying to finish > this. > Running sscep patched with the certnanny patches, I get:
> sscep: error verifying signature > 13084:error:04077077:rsa routines:RSA_verify:wrong signature > length:rsa_sign.c:154: > 13084:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature > failure:pk7_doit.c:868: > > > What would be causing this problem ? have you correctly configured your SCEP server certificate? Server cert and key file name configured in config.xml, no pass phrase on key but dummy pass phrase in config.xml? If you are using sscep manually, make sure that you use the first certificate returned by the getca operation as the CA certificate (sscep -c) option. > How can I see more about this on the OpenCA side (the log > configured in > log.xml does not show very much regarding this). Enable both debug settings in log.xml and have a look at var/log/ stderr.log. cu Martin ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
