So just like Mike Schmidt I'm migrating to 1.5.0 and ran into this 'unable
to load CA private key error.
I was hoping it was permission issue in /var/openca/crypto/cacerts, I
changed ownership to apache:apache with no luck. Thankfully with Mike's
help I was able to make the edits in token.xml. This is not safe at all,
defeats the purpose of having a private key.
<openca>
<token_config>
<default_token>CA</default_token>
<token>
<name>CA</token>
....
<option>
<name>PASSWD</name>
<value>your ca cert passwd</value>
</option>
For reference this was the area he was stuck.
OpenCA::OpenSSL->setError: errno: 7777067
OpenCA::OpenSSL->setError: errval: Using configuration from
/opt/openca/etc/openca/openssl/openssl.cnf
User interface error
unable to load CA private key
139935115806536:error:0906A068:PEM routines:PEM_do_header:bad password
read:pem_lib.c:454:
error in ca
OpenCA::OpenSSL->setError: errno: 7733071
OpenCA::OpenSSL->setError: errval: OpenCA::OpenSSL->issueCrl: OpenSSL
failed (7777067). Using configuration from
/opt/openca/etc/openca/openssl/openssl.cnf
User interface error
unable to load CA private key
139935115806536:error:0906A068:PEM routines:PEM_do_header:bad password
read:pem_lib.c:454:
error in ca
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
