Dear list, I want to learn something about the BP module so I read the (little to) short explantation in the OpenCA Documentation.
However I found some more information via google but I cannot collect them usefully... 1. I created a separate bp/log/backup_key since my cakey is located on an etoken. 2. I created a certificate for this key (bp_cert.pem) and changed all corresponding symlinks (key and certs) for log and key_backup. 3. I created a file batch_process_data.txt whith this content: USER ralf PROCESS gen_cert_ralf set_state new_process ROLE User SUBJECT_ALT_NAME_1 email:r...@xxx SUBJECT emailaddress=r...@xxx, CN=Ralf Hornik, O=Daheim, C=DE LOA_MODE USE_IT LOA 10 imported...@private -----BEGIN MYPIN----- -----BEGIN PKCS7----- MIICBwYJKoZIhvcNAQcDoIIB+DCCAfQCAQAxggGvMIIBqwIBADCBkjCBjDELMAkG A1UEBhMCREUxGDAWBgNVBAoTD05hdGl2ZSBTZWN1cml0eTESMBAGA1UECxMJTmFz ZWMgUEtJMSAwHgYDVQQDExdOYXRpdmUgU2VjdXJpdHkgUm9vdCBDQTEtMCsGCSqG SIb3DQEJARYedHJ1c3RjZW50ZXJAbmF0aXZlLXNlY3VyaXR5LmRlAgEtMA0GCSqG SIb3DQEBAQUABIIBAGap19ueBhm5TOWrAupP7d6z6ZdcwaaGWbC39WYjK69geSJo Br3PdhTy4JwygXdevcBlsNVNadt1SHIzosc110B6dWY+y/DdnrVyV9JrxA5YdEsr XqoJ8u/kNN15GLEDvyjZuBba98kFY6MqHup+Sco/VwtCkKxo0CCRWj3FqvsRzPz6 l2nhURSCZ3jZYOPFPfWsmF6HGc3QQjPPnF2c2bjlCMKzNpIHOwtIwOmRZ8M5ZTt3 WRbEVz7/we/t90cCf2HWFpPBIR2PXYw8ej8JOb4PfDtlzFPKJAshK5MbK20M8n29 ik9ESuraIBlQ82nq0k+HHBcGScqL7U+HigxGbB8wPAYJKoZIhvcNAQcBMB0GCWCG SAFlAwQBKgQQgebx01xrdMjKCXFMQQy7UoAQFFRAITpt2hamg9H2mgYZww== -----END PKCS7----- -----END MYPIN----- (PKCS7 was created using openca-sv) 4. I imported it into the batch interface using "Quick Import" Now I can see the new user and process. But at first the PIN in not shown because the Webinterface says (Unknown File: importedPIN) 5. anyway, next I start a new Workflow using "Do one step for all workflows", choose 16 steps and activate CA key AND BP Key for operation. But the batch process stops with error: "Cannot issue the certificate (6794). Cannot encrypt PIN-mail! Aborting! OpenCA::OpenSSL returns errorcode 0 (). -130" And the actual state of the process is CHECKED_CSR. In stderr.log I see my new issued certificate but It doesn't seem to be stored anywhere. So my questions are: 1. How can I import the PIN from PKCS7 File so that I can use it later 2. Why are the issued certificates not stored. Whats wrong? 3. Does the batch process start in background, once activated using "Do one step for all workflows" frequently, or do I have to configure somthing more? Thank you very much for any help. Ralf ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
