Hi, I'm setting up a new OpenCA v1.0.2 installation and I've created a CA cert using the commands in the "DB, Key and Cert Init" menu.
When I try to view the list of valid CA certs I see the cert with the
following info:
Serial:
5c04439019f2385b4f1deaxxxxxxxxxxxx9da7ff6a70263be2ef9 (0x5)
Common Name: Grid-Ireland Certification Authority (Test 2009)
Email: c...@grid.ie
(Serial edited, just in case I'm actually showing you my private key or
something!) The serial number looks odd, It matches the "ca_cert_key"
field in the "ca_certificates" table in the DB (I'm using MySQL). And it
doesn't correspond to the serial in the cert:
$ openssl x509 -in cacert.crt -noout -serial
serial=F5XXXXXXXXXXXX42
Now, if I click on the link to get to the viewCert page for this cert, I
see:
Grid-Ireland Certification Authority (Test 2009) [-1]
Issued By: Grid-Ireland
Expiration on: Mar 2 17:13:19 2011 GMT
The [-1] seems incorrect: this should contain the serial number,
according to the source.
If I click the "more info" link I get:
Error 690
Configuration Error. Cannot determine status of this Certificate!.
And the URL contains "cgi-bin/pki/ca/ca?cmd=viewCertFull;key=-1", i.e.
it is trying to use -1 as the serial/key.
Can anyone suggest what might be going on here?
Thanks,
David O'Callaghan
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H
_______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
