Hi Janet,
to solve the problem with etc_configure.sh have a look on the syntax
of your config.xml
I ran into the same problem when I had a typo in my config.xml. In my
case I copied the config.xml in an editor with syntax highlighting
thus I found out the problem very fast.
Kind regards, Matthais
On 4/5/07, Janet N <[EMAIL PROTECTED]> wrote:
> No that didn't fix the problem. Apache logs complains "You don't have
> permission to access /cgi-bin/ca/ca on this server," which is odd since I
> have httpd-user=apache and openca-group=apache.
>
> Actually my problem is that installing the CA and RA without using the
> default dataexchange configuration will failed for me, it would not generate
> the openca_start program for me. First time installing the RA for the
> "dataexchange configuration" section I've uncommented #2. the node acts as
> RA only, and when I ran "./configure_etc.sh" it failed, with the following
> error:
>
> [EMAIL PROTECTED] etc]# ./configure_etc.sh
> =================================================================
> fixing directory: /usr/local/openra/openca/etc
> =================================================================
> -------------begin file-----------------
> template: ./backup.xml.template
> target: ./backup.xml
> status: To be updated
> Error:
> Message:
> --------------end file------------------
> -------------begin file-----------------
> template: ./database/DBI.conf.template
> target: ./database/DBI.conf
> status: To be updated
> Error:
> Message:
> --------------end file------------------
> -------------begin file-----------------
> template: ./rbac/acl.xml.template
> target: ./rbac/acl.xml
> status: To be updated
> Error:
> Message:
> --------------end file------------------
> -------------begin file-----------------
> template: ./openca_start.template
> target: ./openca_start
> status: To be updated
> Error:
> Message:
>
> Only when I go back and edit the config.xml file to use the default
> dataexchange configuration then it compiled. Same problem for the CA as
> well. What is wrong here? I want to install a CA node and RA node only and
> NOT use the default.
>
> I've noticed that there is a openca-tools source package, do I need to
> install this first to have a CA and RA working? If so, when I configure can
> I use the default ./configure then make install?
>
> My configure options for RA below:
> PREFIX=/usr/local/openra
>
> make clean 2> /dev/null
> make distclean 2> /dev/null
>
> ./configure \
> --prefix=${PREFIX} \
> --with-node-prefix=ra-node \
> --with-openca-prefix=${PREFIX}/openca \
> --with-etc-prefix=${PREFIX}/openca/etc \
> --with-httpd-fs-prefix=${PREFIX}/httpd \
> --with-module-prefix=${PREFIX}/modules \
> --with-engine=no \
> --with-web-host=" s01.prog.devbms.com" \
> --with-ca-organization="XYX" \
> --with-ca-country=US \
> --with-ca-locality="Palo Alto, CA" \
> --enable-db \
> --enable-ocspd \
> --enable-scep \
> --enable-dbi \
> --enable-rbac \
> --with-httpd-user=apache \
> --with-httpd-group=apache \
> --with-openca-user=root \
> --with-openca-group=apache \
> --with-hierarchy-level=ra
>
> And attached is my RA config.xml file for your reference.
>
> Thanks,
> Janet
>
>
> On 4/4/07, Matthias Alsmann <[EMAIL PROTECTED]> wrote:
> >
> > Hi Janet,
> >
> > > When I checked the httpd error log file I get:
> > >
> > > [Tue Apr 03 06:04:42 2007] [error] [client 192.168.200.111 ]
> (13)Permission
> > > denied: exec of '/usr/local/openca/httpd/cgi-bin/ca/ca'
> > > failed
> > >
> > > Although, I have httpd running as root so not sure why permission
> denied.
> > >
> >
> > You have different paths in your httpd.conf
> > The script alias contains 'openra' but the directory stanza contains
> > 'openca' and I think this is your problem.
> >
> > Kind regards, Matthias
> >
> >
> -------------------------------------------------------------------------
> > Take Surveys. Earn Cash. Influence the Future of IT
> > Join SourceForge.net's Techsay panel and you'll get the chance to share
> your
> > opinions on IT & business topics through brief surveys-and earn cash
> >
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> > _______________________________________________
> > Openca-Users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/openca-users
> >
>
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys-and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Openca-Users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
>
>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
