Michael,
Thanks for your comment, I dive into that.
The CA is online ofcourse (in the IP-sense), how else can I sign certificates?
It is not a pre-known CA (like VeriSign and Netscape, for example).
The CA is the same machine as the RA and the RAoperator, but that's only a
practical issue.
I have no certificate for the RAserver yet. Can this be the problem? I also
don't use a secure webserver (yet).
As you can read, I'm not very familiar with the implementation of this stuff. I
only used certificates to authenticate Cisco routers (for IPsec), and there was
a CA already running (Entrust).
Now I want to do it all by myself, including the CA (for gaining experience and
a better understanding of the material).
I found the book you referred to, but it's changed to a common PKI-book. It's
pretty much the same as the Cisco-stuff, and doesn't provide in-depth detail of
the implementation :*(
Thanks for your feedback, for now. I try this the next few days, when work
allows.
Regards,
Marcel
--
---------------------------------------------------------------
ing. Marcel van Dorp (CCDP, CCNP+security) http://www.wiwo.nl
WiWo Support tel. 071-523 77 91
Postbus 1098 fax 071-523 77 94
2340 BB Oegstgeest gsm 0653-50 77 76
---------------------------------------------------------------
_________________________________________________________________
OpenCA - Users Support Mailing List [EMAIL PROTECTED]
