Hi,
Please check that you use Netscape v 4.X with java enabled or MSIE
with cryptoapi registered. Then check you have a valid RA certificat in
your browser.
Alex
Loi Dan wrote:
Michael Bell <[EMAIL PROTECTED]>
wrote:
Loi
Dan schrieb:
>
> --- Alex <[EMAIL PROTECTED]>wrote:
> > Hi.
> >
> > You
Loi Dan wrote:
>
> I generated a ServerCertificate from CA server with
> 'openca-newcert' command, then use 'openca-browseresp'
> command. I get 2 file : '01.pem' and 'browser_01.p12'.
> But I don't known how to import them into browser of
> RAserver (Nestcape).
>
> I ask more: when we use 'ope
Hi, I use a version from development (between 0.8 and 0.9, mostly
0.9)with mysql as the database. When I do the import CRR (approved with
pkcs#7 signature) with debug switched on I get the attached messages.
Also, I notice that it seems to get import correctely but there is no
CRR in the CRR tabl
Dear all,
I am testing Openca (pre 09x.RC) with DBI (mysql).
As far as I understand, in the database the certs ar stored with status
as VALID and REVOKED (see below).
As far I am concerned, it's ok, if we consider the expired certificates
as valid ones, but not longer in use.
In listCerts and lis
Hello all,
I think that the problem is the length of key IE needs to generate by the server
request. In ie_Confirm.html it is stated (xenroll.dll vb script ) that the browser
must generate a 1024 bit key with exportable or user-password exportable private
key. This is no working on various versio
Hi, I encounter a problem and I don't know how to handle it. I have
installed an OpenCA and I can get certificates for both Netscape and IE.
The strange part cames here. If I request and get an certificate in
Netscape I can export it, import it in IE and then use in Novell's
Groupwise for secure m
Mozilla can't be used for form signing (yet). This is the same with netscape
above 4.x version.
P.S There is a concept of signing with mozilla-based products on
http://secclab.mozdev.org Did anybody give it a try?
Alex
Oliver Welter wrote:
> Hi list,
>
> I have problems when I try to do a "app
Michael, if you have secclab plugin installed, just go to
http://downloads.us-east3.mozdev.org/secclab/common/SignString.html
For me it looks strange that the signature looks as base64-encoded
string, but with with leading lots of blank spaces and no line
formatting (no \n for line splitting )
Second thought... I'm assuming you have the right secclab plugin
(glibc-dependent!)
Alex
Michael Bell wrote:
Hi Oli, hi Alex,
sometime ago somebody sends me a signature from secclab so that I can
analyze it. The problem is that I cannot find the mail. Can somebody
send me a signature from se
Michael,
I attached two files. The file sig is the signature of the text file.
But, now- there is a big but- the file sig is obtained by splitting the
signature obtained from secclab plugin in order to get 64-char file,
and, of course adding the begin and end headers for pkcs7.
P.S. Mozilla's
Hi all,
Michael,
I think that the signForm. js should be modifies as folows:
add function:
function Split64Char(str) {
var result = "";
var i=0;
var j=0;
for (var i=0; i < str.length; i++){
if ( (i % 64)== 63) {
result = result + str.charAt(i) + "\n";
} else {
result = result +
Hello,
I've installed openca-snap 20020129 on Redhat 7.2. I also installed
DB_File-1.082 and openssl-snap-20020123. After I issue an RA operator
certificate and I imported it into netscape, when I try to check it, the
signature doesn't verify with the message : Configuration Error: invalid
signatu
Until now I can't see what happens when the CA certificate expires or
have to be changed (due to key compromise). What happens with old user
certificates in those cases( there are two cases: expired and
compromised root CA key)?
Regards,
Alex
___
Openc
Which is the openssl snapshot you used for developing openca-0.9. Where
can I download it? It seems that on my RedHat 7.2 latest snapshots
compile ok, but smime is not working (unable to load signer certificate
for signing and segfault on encrypt)
Regards,
Alex
__
Helo,
On OpenCA 0.9 (CVS snap) I encounter the following problem:
Initialize the Certification Authority - all work ok
Create the initial administrator -
Create a new request- apparently OK
Edit the request - (Error??) It says that I applied for a PKCS#10,
altough the certificate must be f
It is a typo in crypto-utils.lib
Last 8 "errval" and "errno" items in lib should be "$errval" and
"$errno".
Alex
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
ormat.
In handle the certificate there is no way to send the certificate (it's not
.p12 formated!).
Alex
Michael Bell wrote:
> alexandru matei schrieb:
> >
> > Helo,
> > On OpenCA 0.9 (CVS snap) I encounter the following problem:
> > Initialize the Certification A
Hello,
In ca/messages/request_success.html is a typo (pki instead ca) in the
row:
pending list here
Probably the typo is not noticable if both ca/ra server are on the same
machine
Alex
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sou
If you are in trouble, get the Ldap Browser/editor from
http://www.iit.edu/~gawojar/ldap/ . It functions to both unix&windows with
java. Then bind to your LDAP server and try to add a entry using the
credentials supplied to openca (RA.conf) . If you are successful, then the
OpenCA Ldap should work
You have to download the capicom.dll from Microsoft sdk. Then you must execute
regsvr32 capicom.dll. That's all.
Alex
Miroslav Hrad wrote:
> Hello,
>
> I have installed the today's snap: SNAP-20020409 with DB. ... O.K.
> I tried to test the 'full support for IE' made by Alexandru and Marilena M
receive any page or window telling me that procedure is ok and I
> search "Pending requests" again in RA server and the request remains there.
> Can you help me again ?!?
>
> Thanks a lot again,
>
> Best Regards,
>
> Marco
>
> - Original Message -
>
ng requests" again in RA server and the request remains there. Can you
> help me again ?!?
>
> Thanks a lot again,
>
> Best Regards,
>
> Marco
>
> - Original Message -
> From: "alexandru matei" <[EMAIL PROTECTED]>
> To: "Marco A. R.
22 matches
Mail list logo
