Hi Chris,
this looks pretty much like you messed up your configuration - some
parts are using the new "buildtin" SCEP layer (based on native OpenSSL)
but the system tries to access an OpenSSL command via the LibSCEP API.
Educated guess - check if there is a "tokenapi" section on top of
system/crypto.yaml and if so jut remove it. If thats not the case, grep
your config for any occurences of "libscep" and compare with the
upstream config.
Oliver
On 06.07.23 18:18, chris via OpenXPKI-users wrote:
Hello everyone,
I'm reaching out to seek your assistance with a problem I'm currently
facing while requesting a certificate using OpenXPKI and sscep.
Recently, I installed the latest version of OpenXPKI (OpenXPKI
Community Edition v3.24.2) on Debian 10, and I've encountered an error
when trying to send the certificate request.
Here's the specific error message I received:
root@debian:~/test# sscep enroll -c cacert.crt -k private.key -r
csr.csr -l local.crt -u http://localhost/scep/scep -v
sscep: starting sscep, version 0.10.0
sscep: new transaction
sscep: transaction id: D41D8CD98F00B204E9800998ECF8427E
sscep: hostname: localhost
sscep: directory: scep/scep
sscep: port: 80
sscep: SCEP_OPERATION_GETCAPS
sscep: connecting to localhost:80
sscep: server response status code: 200, MIME header: text/plain
Renewal
POSTPKIOperation
SHA-512
SHA-384
SHA-256
SHA-224
SHA-1
DES3
AES
sscep:Read request with transaction id: 3C4A494887CACCC38A645A83B57C53BF
sscep: generating selfsigned certificate
sscep: requesting certificate with serial number 0 and issuer
/CN=Cryptonite CA
sscep: SCEP_OPERATION_ENROLL
sscep: sending certificate request
sscep: request data dump
sscep: data payload size: 1187 bytes
sscep: successfully encrypted payload
sscep: envelope size: 1868 bytes
sscep: creating outer PKCS#7
sscep: PKCS#7 data written successfully
sscep: payload size: 4227 bytes
sscep: connecting to localhost:80
sscep: server response status code: 500, MIME header: text/html
sscep: wrong (or missing) MIME content type
sscep: error while sending message
*Upon checking the openxpki.log file, I noticed the following error
entry:*
023/07/06 20:58:52 INFO Login successful (user: Anonymous, role:
System) [pid=1281|sid=WIk+]
2023/07/06 20:58:53 INFO Login successful (user: Anonymous, role:
System) [pid=1282|sid=DLr0]
2023/07/06 20:58:53 ERROR
I18N_OPENXPKI_TOOLKIT_COMMAND_REQUIRE_FAILED; __EVAL_ERROR__ => Can't
locate OpenXPKI/Crypto/Tool/LibSCEP/Command/sign_digest.pm in @INC
(you may need to install the
OpenXPKI::Crypto::Tool::LibSCEP::Command::sign_digest module) (@INC
contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.28.1
/usr/local/share/perl/5.28.1 /usr/lib/x86_64-linux-gnu/perl5/5.28
/usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.28
/usr/share/perl/5.28 /usr/local/lib/site_perl
/usr/lib/x86_64-linux-gnu/perl-base) at (eval 3268) line 1, <DATA> line 1.
[pid=1282|user=Anonymous|role=System|sid=DLr0]
Could you please provide me with possible solutions to fix this problem?
Regards,
Chris
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
