Hi, this is actually a config error - check the config file:
PREFIX/etc/openca/access_control/ra.xml.template
fix the symmetric_keylength option to '.*' or whatever you want set it. It
seems that for some reasons Apache does not export the right KEYSIZE...
Check that the:
SSLOptions +StdEnvVars +ExportCertData
keyword in apache configuration (ssl.conf or httpd.conf) is present.
Later,
Max
Marco Pizzoli wrote:
Hi, I'm trying to access the RA interface, via https, and I obtain this error:"[initServer:314] Aborting connection - you are using a too short symmetric keylength ()."I debugged the SSL handshake and I can see that the "connection" with the browser is obtained with "AES 256-bit". I used the CipherFox Firefox extension.Could you help me? Thanks in advance Marco
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
Dartmouth Computer Science Dept Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory Work Phone: +1 (603) 646-9179
--o------------------------------------------------------------------------
People who think they know everything are a great annoyance to those of us
who do.
-- Isaac Asimov
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
