Charles wrote: > Thank you very much for the help. I now setup a server to act as RA and > also have the RA operator on the same computer. I was able to use the > operator to generate certificate request. But it looks like my RA is not > able to approve the request. when I clicked on the approve button, it said > that I need to sign the request. However I couldn't find anywhere that > will allow me to sign it. I think maybe the problem is that the RA server > certificate is not signed by our CA yet. It is still using the test
No, the problem could be your browser. To correcly sign a request you need
Netscape 4.06+ ( suggested Netscape 4.79 ) which has a javascript function
that generates PKCS#7 signatures on the client. Also you'll need the RA
Operator's certificate to be correctly installed in Netscape and it has
to be correctly verified ( Security->Certificates->Yours->Verify ).
If you have not done it yet import the CA's certificate into your browser
(it is needed by Netscape to verify the RA operator's cert ).
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.openca.org Tel.: +39 (0)59 270 094
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
smime.p7s
Description: S/MIME Cryptographic Signature
