Re: [Openca-Users] Re new CA cert but what about current RA certificates?

Mon, 17 Sep 2012 13:03:03 -0700 

The only way I could resolve this is to revoke all current RA certificates
and issue them under the renewed CA certificate.

Dave


dblaine wrote:
> 
> Hi all,
> 
> My CA certificate is up for renewal even though it still over a year 
> before it expires. So I renewed the CA certificate. I added the previous 
> and current CA certificate to 
> $OPENCA_HOME/var/openca/crypto/chain/root-ca.crt and rebuilt the chain. 
> Now when I create a certificate and go to approve in the RA interface 
> using the existing RA certificates I get 
> 
> 
> 
> 
> 
> The PKCS#7-object signals an error. The signature is not valid.
> 
> PKCS#7-Error 7932021: OpenCA::PKCS7->parseDepth: The chain is not 
> complete.
> 
> 
> 
> 
> Any ideas on how to resolve?
> 
> 
> Dave
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and 
> threat landscape has changed and how IT managers can respond. Discussions 
> will include endpoint security, mobile security and the latest in malware 
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Openca-Users mailing list
> Openca-Users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-users
> 
> 

-- 
View this message in context: 
http://old.nabble.com/Renew-CA-cert-but-what-about-current-RA-certificates--tp34245546p34444254.html
Sent from the openca-users mailing list archive at Nabble.com.


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to