Massimiliano Pala schrieb am 04.12.00:
> I am forwarding the message in name of "Marcel van Dorp" .
>
> --- Massimiliano Pala ([EMAIL PROTECTED])
>
> -------- Original Message --------
>
> From: "Marcel van Dorp"
> To: [EMAIL PROTECTED]
> Subject: Newbie Question
>
> Hi,
>
> I'm new to this list, so please forgive my ignorance. I try to get a clear
> picture of the functionality of the CA, but a few things are still fuzzy.
>
> First, I am familiar with the purpose and goal of an CA. As far as I can see
> (please correct me if I'm wrong), OpenCA is a web-based management tool
> implementing CA functionality (as well as RA and RAoperator). All the
> encryption-related stuff is done by openSSL. openCA maintains a
> directory-structure/database to correctly manage all certificates (requests,
> pending, accepted, rejected).
>
> The above reflects my current understanding of the tool (Right?).
>
> The next part is to implement a working configuration. So I followed the
> Readme, and now I've got an openCA, an RAserver and an RAoperator (all on the
> same machine, but that's irrelevant). I also found out that MSIE is just not
> working! So I installed Netscape6 to continue.
>
> I started with the CAserver, generating a key-pair, request a certificate, and
> selfsign it. After that, I imported the certificate into the browser
> (Netscape).
>
> The next step is to request a perssonal certificate, and approve this at the
> RA. Well, it goes wrong at this stage.
>
> 1) I make the request (with RAoperator)
> 2) I submit it to the RA
> 3) On de RAserver, I find a pending request
> 4) I review it, click 'approve'
> 5) Then I click 'approve' on the confirm screen, and that's it! (waiting
> forever)
>
Because this is no online ca:
6) klick export requests
7) take the floppy and bring it to the ca-machine
8) on ca klick import requests
9) klick pending requests
10) handle your requests
11) export new certs
12)take the floppy and bring it to the raserver-machine
13)klick import certs
14)add new certs to ldap
So now is all finished and your certificates are ready for use and download.
There is a book about OpenCA online available but I have not right now the link.
Perhaps anybody else has this link?
Regards Michael
----------------------------------------------------------------------------
Michael Bell Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Email (office): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Fon: +49 30 2093-2482
Unter den Linden 6 Fax: +49 30 2093-2959
10099 Berlin
Germany
______________________________________________________________________________
Die Fachpresse ist sich einig: WEB.DE 15mal Testsieger! Kostenlos E-Mail,
Fax, SMS, Verschl�sselung, POP3, WAP....testen Sie uns! http://freemail.web.de
_________________________________________________________________
OpenCA - Users Support Mailing List [EMAIL PROTECTED]
