[Openca-Users] Issue with AutoCRL in OpenCA 1.1.1

Tue, 02 Sep 2014 22:59:28 -0700 

Hello,

I’m running two CAs with openCA, which has run successfully over years now.
Actually, I’m facing the situation that autoCRL is not working any more. This 
started after I manually revoked one certificate in one of both CAs, but this 
may be perhaps an accident. Actually, I have to issue CRLs manually from time 
to time, since the autoCRL process seems to stop overnight after having run for 
two days. Manually issueing CRLs works perfectly.
When starting the autoCRL process from the web interface, the log at 
var/openca/log/stderr.log states the following:

CRL::Found Entry -> 6DE70E00C4FF81E0A54B (13)
CRL::Found Entry -> 7AE329F4AFCAB0DE3D1E (15)
CRL::Found Entry -> 90BBDBB297A27246C4CE (17)
CRL::Found Entry -> D460DA7FA19F65076D50 (19)
CRL::Found Entry -> EB35BF44E2FAA2355CC0 (21)
DBD::mysql::st execute failed: MySQL server has gone away at <path 
obfuscated>/lib/openca/perl_modules/perl5/OpenCA/DBI.pm line 3309.
autoCRLProcess()::ERROR::Can not store CRL in DB!
DBD::mysql::db commit failed: MySQL server has gone away at <path 
obfuscated>/lib/openca/perl_modules/perl5/OpenCA/DBI.pm line 3549.

I learned a bit that the file var/openca/crypto/crlnumber and crlnumber.old may 
have something to do with it. The content is the hexadecimal interpretation of 
the next and actual value of crl_key in the database table crl. May this be the 
reason of cancellation ofthe autoCRL process? What other reasons could exist so 
that the autoCRL process fails?


Freundliche Grüße/Best regards,

Harald Koch

c-works GmbH
Otto-Lilienthal-Str. 36
71034 Böblingen
http://www.os4x.com

eMail: h.k...@os4x.com
Support: +49-(0)7031-4924306
Fax: +49-(0)7031-4924308

Geschäftsführer/Managing Director: Harald Koch
Sitz und Registergericht/Domicile and Court of Registry: Stuttgart
HRB-Nr./ Commercial Register No. 725882





------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to