[openca-users:123] [Fwd: Newbie Question from ["Marcel van Dorp" ]

Mon, 04 Dec 2000 07:20:53 -0800 

I am forwarding the message in name of "Marcel van Dorp" <[EMAIL PROTECTED]>.

        --- Massimiliano Pala ([EMAIL PROTECTED])

-------- Original Message --------

From: "Marcel van Dorp" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Newbie Question

Hi,

I'm new to this list, so please forgive my ignorance. I try to get a clear
picture of the functionality of the CA, but a few things are still fuzzy.

First, I am familiar with the purpose and goal of an CA. As far as I can see
(please correct me if I'm wrong), OpenCA is a web-based management tool
implementing CA functionality (as well as RA and RAoperator). All the
encryption-related stuff is done by openSSL. openCA maintains a
directory-structure/database to correctly manage all certificates (requests,
pending, accepted, rejected).

The above reflects my current understanding of the tool (Right?).

The next part is to implement a working configuration. So I followed the
Readme, and now I've got an openCA, an RAserver and an RAoperator (all on the
same machine, but that's irrelevant). I also found out that MSIE is just not
working! So I installed Netscape6 to continue.

I started with the CAserver, generating a key-pair, request a certificate, and
selfsign it. After that, I imported the certificate into the browser
(Netscape).

The next step is to request a perssonal certificate, and approve this at the
RA. Well, it goes wrong at this stage.

1) I make the request (with RAoperator)
2) I submit it to the RA
3) On de RAserver, I find a pending request
4) I review it, click 'approve'
5) Then I click 'approve' on the confirm screen, and that's it! (waiting
forever)

I've read almost every post on the mailing list, and I found out I'm not the
only one with this problem. It has something to do with the RA's certificate.
Well, it's not there, yet, but how can I make a certificate for a server?

One way to do it is by hand, using openSSL, but I prefer using a nice tool like
openCA :*)

Can anyone give me some insight?

Regards,

Marcel


-- 
---------------------------------------------------------------
ing. Marcel van Dorp (CCDP, CCNP+security)   http://www.wiwo.nl
WiWo Support                                 tel. 071-523 77 91
Postbus 1098                                 fax  071-523 77 94
2340 BB Oegstgeest                           gsm  0653-50 77 76
---------------------------------------------------------------

S/MIME Cryptographic Signature

Reply via email to