Hi all, I was curious if it was possible to auto-issue certificates from SCEP requests. In the scep.conf(.template) I have ScepAutoApprove set to "YES" (although this only mentions certificate renewals, not new requests), and I have also turned on Automatic Certificate Issuing, yet every time a request utilizing SCEP comes in, the CA does not generate and return a certificate. If I check new Certificate Requests, I still see the request there and a certificate wasn't issued. My SCEP client then reports back that auto-approvals are not enabled on the CA.
As an important note, the same thing happens when manually create a certificate request from the public interface (it doesn't get automatically issued). I notice that every time I enable Auto Certificate Issuing, these messages get outputted into the stderr.log: DBD::mysql::db commit failed: MySQL server has gone away at /opt/openca/lib/openca/perl_modules/perl5/OpenCA/DBI.pm line 3421. DBD::mysql::db commit failed: MySQL server has gone away at /opt/openca/lib/openca/perl_modules/perl5/OpenCA/DBI.pm line 3421. >From what I can tell, it can communicate with the MySQL server fine in other instances since it is actively adding information into the tables (such as new requests into the request table, etc), although I certainly could be wrong. I also set the broadest configuration values for Auto Certificate Issuing to be sure the requests would match those it was willing to issue, including disabling the requirement for the certificates to be signed by the RA. This seems like a configuration issue and something tells me it's a little detail I'm probably overlooking. Thanks, Jake
------------------------------------------------------------------------------
_______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
