I have been attempting to stand up a Openca 1.0.2 install in a testbed to
replace a 0.9.1 install I have in production. Everything went smoothly
(well not exactly, a couple of minor things that the mailing lists have
helped me fix). Anyway, I was able to create a new root cert, CA and RA
operator certs. After I import the RA operator cert is where I run into
trouble:
I get "This certificate has a nonvalid digital signature" in IE6 for the
root certificate I just created. The strange thing is it imports ok into
the browser but it doesn't get placed in Trusted Root Certs store - it
puts itself in Intermediate Root Certs store. Looking at the details of
the certificate there is a warning icon next to "Basic Constraints" and
"Key Usage".
How can this be fixed?
-----------------------------------------------------------------
DAVID BLAINE, GCIA , CISSP
GDLS-C Lead Information Risk Manager (LIRM)
CSC
6000 E. 17 Mile Rd. Sterling Heights MI 48313
GIS | o: 586.825.7650 | c: 810.217.8041 | f: 586.825.8606 |
dblai...@csc.com | www.csc.com
This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery.
NOTE: Regardless of content, this e-mail shall not operate to bind CSC to
any order or other contract unless pursuant to explicit written agreement
or government initiative expressly permitting the use of e-mail for such
purpose.
------------------------------------------------------------------------------
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
