Mike Tsarapatsanis schrieb: > > Yes i clicked those buttons.In fact the time it worked > i clicked next without checking the boxes and then i > clicked back in order to check them!! > Now i have a diferrent problem .I cannot initialize > the CRL.When i press the issue new CRL and enter my > code i get the error message : > Generating Certificate Revocation List ... > > ERROR: Cannot initialize a new CRL Object! > > 256 > and on the apache log: > unknown option > /usr/local/OpenCA/conf/openssl/openssl.cnf > usage: ca args > > -verbose - Talk alot while doing things > -config file - A config file > -name arg - The particular CA definition to use > -gencrl - Generate a new CRL > -crldays days - Days is when the next CRL is due > -crlhours hours - Hours is when the next CRL is due > -startdate YYMMDDHHMMSSZ - certificate validity > notBefore > -enddate YYMMDDHHMMSSZ - certificate validity > notAfter (overrides -days) > -days arg - number of days to certify the > certificate for > -md arg - md to use, one of md2, md5, sha or > sha1 > -policy arg - The CA 'policy' to support > -keyfile arg - private key file > -keyform arg - private key file format (PEM or > ENGINE) > -key arg - key to decode the private key if it > is encrypted > -cert file - The CA certificate > -in file - The input PEM encoded certificate > request(s) > -out file - Where to put the output file(s) > -outdir dir - Where to put output certificates > -infiles .... - The last argument, requests to > process > -spkac file - File contains DN and signed public > key and challenge > -ss_cert file - File contains a self signed cert to > sign > -preserveDN - Don't re-order the DN > -batch - Don't ask questions > -msie_hack - msie modifications to handle all > those universal strings > -revoke file - Revoke a certificate (given in > file) > -subj arg - Use arg instead of request's > subject > -extensions .. - Extension section (override value > in config file) > -extfile file - Configuration file with X509v3 > extentions to add > -crlexts .. - CRL extension section (override > value in config file) > -engine e - use engine e, possibly a hardware > device. > -status serial - Shows certificate status given the > serial number > -updatedb - Updates db for expired certificates > Any suggestions?
This indicates that OpenCA::OpenSSL generates a wrong shell-command for OpenSSL. Massimiliano, could you check this please (I know that you need some time to read all the mails after your holidays)? Michael -- ------------------------------------------------------------------- Michael Bell Email (private): [EMAIL PROTECTED] Rechenzentrum - Datacenter Email: [EMAIL PROTECTED] Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482 Unter den Linden 6 Fax: +49 (0)30-2093 2959 10099 Berlin Germany http://www.openca.org ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
