Craig McGregor wrote:
2. Batch RevocationI looked into bpRevokeCertificate and wondering how this script has ever worked. I commited a first patch to avoid the indefinite loop. It was not a problem of DB or DBI. I simply loaded at every time the first CRR with the state APPROVED in the database. This is ok if I can handle every CRR with this function but if one approved CRR is not ready for automatic handling then the function never finishs.
When running the batch process to revoke certificates I seem to get caught in
an indefinite loop. (due to #1 this is with --enable-db) I think that the same
record is being returned from the database to the while($request = $db->getNextItem
... loop in [openca]/lib/cmds/bpRevokeCerticate
Which checks do you exactly deactivated?This script also seems to have problems verifying the roles of the certificate being revoked and the role of the CRR signer if I make it skip that check.
Do you understand the meaning of the fields in the HTML-form? Sorry for this question but sometimes the forms (which I create) are not really intuitive. The operator's role must be the role of the operator who approve the request with it's signature (required) and the revoked certificate's role should self-explanatory.
Best regards,
Michael
--
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany http://www.openca.org
-------------------------------------------------------
This sf.net email is sponsored by: Are you worried about your web server security? Click here for a FREE Thawte Apache SSL Guide and answer your Apache SSL security needs: http://www.gothawte.com/rd523.html
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
