Im running:
OpenCA 1.3.0
OpenCA tools 1.3.0
OpenSSL 1.0.1c 10 May 2012
Those are the newest versions. I have also tried with older OpenSSL, no
effect.
2012/9/23 <blain...@gdls.com>
> What version are you running? Have you applied any of the patches?
>
> Dave
> ------------------------------
>
> * From: *Jorma Jormeli [jormna...@gmail.com]
> * Sent: *09/23/2012 11:06 AM ZE3
> * To: *"Users' Help and Suggestions" <openca-users@lists.sourceforge.net>
>
> * Subject: *Re: [Openca-Users] Problem with OpenCA chain verification
>
>
> I have tried with both certs signed by the SubCA: CA and RA operator. I
> still get the same error.
>
> 2012/9/22 <blain...@gdls.com>
>
>> In my SubCA's I have separate RA and CA operator certificates that were
>> signed by the SubCA.
>>
>> Dave
>> ------------------------------
>>
>> * From: *Jorma Jormeli [jormna...@gmail.com]
>> * Sent: *09/22/2012 04:22 PM ZE3
>> * To: *openca-users@lists.sourceforge.net
>> * Subject: *Re: [Openca-Users] Problem with OpenCA chain verification
>>
>> Please can someone help me? I need to solve this critical problem.
>>
>> 2012/9/15 Jorma Jormeli <jormna...@gmail.com>
>>
>>> stderr.log says the following to the event:
>>>
>>> libGetSignerCertificateDB:: Signature => OpenCA::PKCS7=HASH(0xa74b560)
>>> libGetSignerCertificateDB:: Signature Signer => HASH(0xa74ad2c)
>>> libGetSignerCertificateDB:: Signature HAS a signer!
>>> libGetSignerCertificateDB:: Signature DOES NOT HAVE A VALID SIGNER -> No
>>> SERIAL!
>>>
>>> I don't understand why cause it has a serial and the cert is valid cert
>>> and shows up correctly in firefox store.
>>>
>>>
>>> 2012/9/15 Jorma Jormeli <jormna...@gmail.com>
>>>
>>>> Hi,
>>>>
>>>> I have 1 Root CA and 2 Sub CA's. Every CA is installed with
>>>> "install-offline install-online" so all components included, Public, CA and
>>>> RA using same computer and same database. I can't sign anything on the Sub
>>>> CA's with CA Operator or RA Operator certs, not even in the public
>>>> interfaces "test certificate" section with user certs. I can tho in the
>>>> Root CA, everything works fine.
>>>>
>>>> When I try to sign, I get the following error message:
>>>>
>>>> Error Code: 6103
>>>> The PKCS#7-object signals an error. The signature is not valid.
>>>>
>>>> PKCS#7-Error 7932039: OpenCA::PKCS7->parseDepth: There is a problem
>>>> with the verification of the chain. ( error:2:unable to get issuer
>>>> certificate)
>>>>
>>>> I have successfully signed Sub CA's certs in Root and delivered pem
>>>> formatted Root Cert in the Sub CA chain directory and build up the chains
>>>> successfully.
>>>>
>>>> The contens from one of the Sub CA's chain dir:
>>>>
>>>> lrwxrwxrwx 1 www-data www-data 10 2012-09-14 17:18 6e9f6ec0.0 ->
>>>> cacert.crt
>>>> -rw-r--r-- 1 www-data www-data 6634 2012-09-14 17:18 cacert.crt
>>>> lrwxrwxrwx 1 www-data www-data 10 2012-09-14 17:18 ec912ccf.0 ->
>>>> rootca.crt
>>>> -rw-r--r-- 1 openca openca 1548 2012-09-08 10:49 Makefile
>>>> -rw-r--r-- 1 www-data www-data 7866 2012-09-14 10:17 rootca.crt
>>>>
>>>> Both of the .crt files contains the certs info first and then the pem
>>>> code (---Begin Cert---... etc.), is this correct? I have also tried without
>>>> the upper info.
>>>>
>>>> I have installed the authorities in firefox and added trust.
>>>>
>>>> Ubuntu Server 11.10
>>>> OpenCA 1.3.0
>>>> OpenCA tools 1.3.0
>>>> Firefox 15.0
>>>> OpenSSL 1.0.1c 10 May 2012
>>>>
>>>> I will appereciate if someone has a solution, thanks.
>>>>
>>>> Sincerely,
>>>>
>>>> Ville Helmine
>>>
>>>
>>>
>>
>>
>> ------------------------------------------------------------------------------
>> How fast is your code?
>> 3 out of 4 devs don\\\'t know how their code performs in production.
>> Find out how slow your code is with AppDynamics Lite.
>> http://ad.doubleclick.net/clk;262219672;13503038;z?
>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>> _______________________________________________
>> Openca-Users mailing list
>> Openca-Users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/openca-users
>>
>>
>> ------------------------------------------------------------------------------
>> How fast is your code?
>> 3 out of 4 devs don\\\'t know how their code performs in production.
>> Find out how slow your code is with AppDynamics Lite.
>> http://ad.doubleclick.net/clk;262219672;13503038;z?
>> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
>> _______________________________________________
>> Openca-Users mailing list
>> Openca-Users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/openca-users
>>
>>
>
>
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://ad.doubleclick.net/clk;258768047;13503038;j?
> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
> _______________________________________________
> Openca-Users mailing list
> Openca-Users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
>
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://ad.doubleclick.net/clk;258768047;13503038;j?
> http://info.appdynamics.com/FreeJavaPerformanceDownload.html
> _______________________________________________
> Openca-Users mailing list
> Openca-Users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
>
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://ad.doubleclick.net/clk;258768047;13503038;j?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
