Hi,
I followed the instructions that you said. For the time being, my problem is
that I go to this address:
https://localhost/html/pki/
and I can see the folders. My Apache and OpenCA services are up and running. I
run ./configure_etc.sh also. The config files have also been configured
correctly (I hope so).
When I click on openCa to go to the interface, It gives me again:
Not Found
The requested URL /cgi-bin/pki/ca/ca was not found on this server
I really dont know why. I have checked almost all the config files to match my
needs such as:
ca.conf
config.xml
openca-configure
loa.xml
Here is the output of Apache error.log file.
[Tue May 29 13:14:34 2012] [error] [client 127.0.0.1] File does not exist:
/usr/lib/cgi-bin/pki, referer: https://localhost/html/pki/ca/
>[Tue May 29 13:14:39 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: https://localhost/html/pki/ldap/
>[Tue May 29 13:14:41 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: https://localhost/html/pki/node/
>[Tue May 29 13:14:44 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: https://localhost/html/pki/pub/
>[Tue May 29 13:14:46 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: https://localhost/html/pki/ra/
>[Tue May 29 13:14:48 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: https://localhost/html/pki/batch/
>[Tue May 29 13:14:50 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: https://localhost/html/pki/ca/
>[Tue May 29 13:50:25 2012] [error] [client 83.186.233.203] Invalid URI in
>request
>\xb3L&\x9a\xcf\xfb\xc7\x92\xce{\xc1\x0c\x88\xf8m;\xee\xd4\xb1^\x84\xbes\x8b\x027
>[Tue May 29 13:53:45 2012] [error] [client 194.213.104.17] request failed:
>error reading the headers
>[Tue May 29 14:58:09 2012] [error] [client 188.53.29.175] Invalid method in
>request
>\xf2f\x87\xd5\xb8\xd4w\xd5\xb9\xd3\xc6\xd5/\xdd\b\xd57d\x97\x95\x8a\x985\x91
>[Tue May 29 15:06:33 2012] [error] [client 212.244.176.29] Invalid URI in
>request
>\x11C\x9d\xa2(t\xf4\xd8\xec\xfe\xff\xdf\xd0\x8d\x01\xdc\r\x0e"\xca\xea\x9d\x94`\x183>
>[Tue May 29 15:37:32 2012] [notice] caught SIGTERM, shutting down
>[Tue May 29 15:37:32 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:37:32 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:37:32 2012] [warn] Init: Name-based SSL virtual hosts only work
>for clients with TLS server name indication support (RFC 4366)
>[Tue May 29 15:37:33 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:37:33 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:37:33 2012] [warn] Init: Name-based SSL virtual hosts only work
>for clients with TLS server name indication support (RFC 4366)
>[Tue May 29 15:37:33 2012] [notice] Apache/2.2.20 (Ubuntu) mod_ssl/2.2.20
>OpenSSL/1.0.0e configured -- resuming normal operations
>[Tue May 29 15:52:07 2012] [notice] caught SIGTERM, shutting down
>[Tue May 29 15:52:08 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:52:08 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:52:08 2012] [warn] Init: Name-based SSL virtual hosts only work
>for clients with TLS server name indication support (RFC 4366)
>[Tue May 29 15:52:08 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:52:08 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Tue May 29 15:52:08 2012] [warn] Init: Name-based SSL virtual hosts only work
>for clients with TLS server name indication support (RFC 4366)
>[Tue May 29 15:52:08 2012] [notice] Apache/2.2.20 (Ubuntu) mod_ssl/2.2.20
>OpenSSL/1.0.0e configured -- resuming normal operations
>[Tue May 29 15:53:19 2012] [error] [client 127.0.0.1] File does not exist:
>/var/www/pki
>[Tue May 29 15:54:05 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: http://localhost/html/pki/ca/
>[Tue May 29 15:54:09 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: http://localhost/html/pki/batch/
>[Tue May 29 15:54:14 2012] [error] [client 127.0.0.1] File does not exist:
>/usr/lib/cgi-bin/pki, referer: http://localhost/html/pki/ca/
>[Tue May 29 16:01:46 2012] [error] [client 127.0.0.1] File does not exist:
>/var/www/vpki.kth
>[Tue May 29 16:01:50 2012] [error] [client 127.0.0.1] File does not exist:
>/var/www/vpk
>[Tue May 29 16:01:54 2012] [error] [client 127.0.0.1] File does not exist:
>/var/www/vpki
I really don't know where is the mistakes. Any idea how to solve this problem.
It would be really nice if you can help me to move on.
Thanks a lot
From: Jack D. Pond <jack.p...@psitex.com>
To: 'Users' Help and Suggestions' <openca-users@lists.sourceforge.net>
Sent: Tuesday, May 29, 2012 5:03 AM
Subject: Re: [Openca-Users] Configuring OpenCA after installation (Mohammad
khodaei)
Jorge and Mohammad,
I feel your pain. I'm using Ubuntu 12.04 and I patch all of my machines daily
for security reasons. I also use Webmin for administrative (actually, the
operators use it), which updated DBI but not DBD::mysql, so to fix that, I
needed to do the following:
<pre>
pushd src/ext-modules
# remove the existing tar.gz files,
rm DBI
rm DBD-mysql
wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.621.tar.gz
wget http://search.cpan.org/CPAN/authors/id/C/CA/CAPTTOFU/DBD-mysql-4.021.tar.gz
# now go into Makefile and correct the version numbers for DBI/DBD
vim Makefile
popd
</pre>
Now I'm going through the config files and correcting the configurations one by
one by examining the log files (apache error.log and openca stderr.log). I'll
post them when I've gotten them, but I think it's going to take a combination of
./configuration parameters and editing the .xml and (if necessary) .conf files
directly.
I'm rapidly coming to the conclusion this was far more work than the product is
worth.
Jack D. Pond
"Our lives begin to end the day we become silent about things that matter." --
Martin Luther King, Jr. (1929-1968)
> -----Original Message-----
> From: Jorge A. Arrieta N. [mailto:jarri...@e-novat.com]
> Sent: Monday, May 28, 2012 9:11 PM
> To: m_khod...@yahoo.com; openca-users@lists.sourceforge.net
> Subject: Re: [Openca-Users] Configuring OpenCA after installation (Mohammad
> khodaei)
>
>
> Mohammad, are you running OpenCA in Ubuntu, right?
>
> If so, checks the apache's logs and pay attention to the paths.
>
>
> OpenCA works out of the box with Red-Hat/CentOS, but in debian (and probably
> Ubuntu); apache use others paths.
>
> So, you need change the default openca configuration for apache.
>
> >Not Found
> >The requested URL /cgi-bin/pki/ca/ca was not found on this server.
>
> Try with "/html/cgi-bin/pki/ca/ca" (maybe, this address is "found", but give
you another
> problems).
>
>
> I can't give you more details, because I lost my test-OpenCA's installation.
>
>
> Grettings,
> Jorge A.
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and threat
landscape has
> changed and how IT managers can respond. Discussions will include endpoint
security,
> mobile security and the latest in malware threats.
> http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Openca-Users mailing list
> Openca-Users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-users
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
________________________________
From: Jorge A. Arrieta N. <jarri...@e-novat.com>
To: m_khod...@yahoo.com; openca-users@lists.sourceforge.net
Sent: Tuesday, May 29, 2012 3:10 AM
Subject: Re: Configuring OpenCA after installation (Mohammad khodaei)
Mohammad, are you running OpenCA in Ubuntu, right?
If so, checks the apache's logs and pay attention to the paths.
OpenCA works out of the box with Red-Hat/CentOS, but in debian (and
probably Ubuntu); apache use others paths.
So, you need change the default openca configuration for apache.
>Not Found
>The requested URL /cgi-bin/pki/ca/ca was not found on this server.
Try with "/html/cgi-bin/pki/ca/ca" (maybe, this address is "found", but
give you another problems).
I can't give you more details, because I lost my test-OpenCA's
installation.
Grettings,
Jorge A.------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
