Hello,
I have generated the key pair (on CA machine) for RA operator using the
Phase I of CA initialization (as it is described in Ch.7 of OpenCA guide).
Then I've transferred the RA operator's private key and the certificate to
RA machine. When I am trying to approve a CSR on RA's interface, I am
getting the following error: The sign is needed! The private key and the
certificate (PKCS#12 format) are imported into my browser when I am trying
to approve the CSR. But I've noticed the following difference between CA and
RA machines:
in the database (mysql) of the CA machine there IS the RA operator's
certificate (in the table called "certificate"), in the database of the RA
machine - there IS NOT. I think, that downloading certificate from the CA
(after CA enrolls it) will put the RA operator's certificate into the
database. But the problem is that when I enroll certificates from CA, the RA
operator's certificate IS NOT enrolled, though it is valid.
Does anybody have a clue how to solve this problem?
Thanks in advance,
Arsen.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
