Hi, already, there is no way to sign CRR's (except Mozilla 1.x). When singing CRR's with IE[4567] the messege is:
Cannot build PKCS#7-object from extracted signature! OpenCA::PKCS7 returns errorcode 7911031 (OpenCA::PKCS7->new: Cannot initialize signature (7912021). OpenCA::PKCS7->initSignature: Cannot parse signature (7921021). OpenCA::PKCS7->getParsed: The crypto-backend cannot verify the signature (7742075). OpenCA::OpenSSL->verify: openca-sv failed. [Error]: error:04077068:rsa routines:RSA_verify:bad signature [Info]: Input file intialized. [Info]: Signaturefile initialized. [Info]: Reading Certificate file. [Info]: PKCS#7 object loaded. [Info]: Data is ready for verification. [Info]: Signature Informations (PKCS#7): depth:1 serial:C732D5C7CD8E9BCB subject:emailAddress=*******,CN=Daheim PKI,OU=Daheim CA Organisation,O=Daheim,C=DE depth:0 serial:01 subject:CN=RA Admin,OU=Users,O=Daheim,C=DE [Info]: Signature is corrupt. Errorcode -1. signature:error:-1 ). May be I can help fixing it, but I need some hints... Regards Ralf ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
