On August 17, 2012 10:49 , Shawn Rahl <sr...@umich.edu> wrote: > [root@molar cosign-ca-dir]# ls -la > > total 76 > drwxr-x--- 3 apache apache 4096 Aug 17 10:40 . > drwxr-xr-x 10 root root 4096 Aug 14 14:33 .. > lrwxrwxrwx 1 root root 13 Aug 17 10:40 3c58f906.0 -> > extCAroot.pem > lrwxrwxrwx 1 root root 11 Aug 17 10:40 4700e8dd.0 -> > umwebCA.pem > lrwxrwxrwx 1 root root 14 Aug 17 10:40 84df5188.0 -> > incommonCA.pem > drwx------ 2 root root 4096 Aug 17 07:44 archive > lrwxrwxrwx 1 root root 16 Aug 17 10:40 b0de3e19.0 -> > intermediate.pem > -rw------- 1 root root 1521 Aug 17 07:45 extCAroot.pem > -rw------- 1 root root 5379 Aug 17 07:43 incommonCA.pem > -rw------- 1 root root 3309 Aug 17 07:45 intermediate.pem > -rw-r--r-- 1 root root 1334 Aug 17 08:52 umwebCA.pem > > > --------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Also, it seems that the hash output for the umwebCA is not what you > are saying it should be: > > [root@molar cosign-ca-dir]# openssl x509 -hash -noout -in > ./umwebCA.pem > 4700e8dd >
This is very strange, especially since the SHA-512 hash of your umwebCA.pem file matches mine. I recommend getting a new copy and checking. I just did this on my MacOS X laptop and the results match what I have on my RHEL6 web server: $ curl -O http://www.umich.edu/~umweb/umwebCA.pem % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 1334 100 1334 0 0 19974 0 --:--:-- --:--:-- --:--:-- 21868 $ openssl x509 -hash -noout -in ./umwebCA.pem 5cc1e784 $ Once you get this, recreate the hash symlink by running c_rehash again. If you don't get a link named 5cc1e784.0, then something is still amiss and we'll have to look at this further. -- Mark Montague m...@catseye.org ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss