Hi all, OpenCA-0.9.1: I try to import CA Certificate approved by Root and all I get is:
Error 690: Configuration Error. Missing Configuration Keyword: UnpackArchive
It comes from importCACert but there is of course nothing in ca.conf like UnpackArchive
Is ImportCACert wrong for the new OpenCA-0.9.1??
It looks like we forget importCACert during the introduction of the new export/import-code. I attached a first changed version.
Michael -- ------------------------------------------------------------------- Michael Bell Email (private): [EMAIL PROTECTED] Rechenzentrum - Datacenter Email: [EMAIL PROTECTED] Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482 Unter den Linden 6 Fax: +49 (0)30-2093 2704 10099 Berlin Germany http://www.openca.org
## OpenCA - CA Command ## (c) 2001 by OpenCA Group ## ## File Name: importCACert ## Brief: Imports CA Certificate ## Description: Imports Signed CA Certificate from parent CA ## Parameters: none ## Cfg Keyword: UnpackArchive, ImportDev, opencadir
sub cmdImportCACert {
## To import the CA certificate we use the same import device as the
## one used for the certificates (is there any reason for not doing so ?)
## Get required parameters from the configuration file
my $cmd = getRequired( 'EXPORT_IMPORT_LOCAL_IMPORT' );
my $orig = getRequired( 'EXPORT_IMPORT_LOCAL_DEVICE' );
my $makeCmd = getRequired( 'MakePath');
## Other reserved variables
my $cacertFile = getRequired ( 'CACertificate' );
my $cacertDER = getRequired ( 'CACertificateDER' );
my $cacertCRT = getRequired ( 'CACertificateCRT' );
my $cacertTXT = getRequired ( 'CACertificateTXT' );
my $chainDir = getRequired ( 'ChainDir' );
my $certDir = getRequired ( 'CACertDir' );
print startLogPage("Importing CA Certificate");
$cmd = $query->subVar( $cmd, '@__DEVICE__@', $orig );
$cmd = $query->subVar( $cmd, '@__DEST__@', $certDir );
## If there is already a cacertfile, than we should move it to .old
if ( -e "$cacertFile" ) {
$tools->moveFiles( SRC=>$cacertFile,
DEST=>$cacertFile.".${$}_old");
$msg = i18nGettext ("Old certificate file is __FILE__.", "__FILE__",
"$cacertFile.${$}_old");
}
unlink( "$cacertDER" ) if ( -e "$cacertDER" );
unlink( "$cacertTXT" ) if ( -e "$cacertTXT" );
print addLogSection(gettext("Importing CA Certificate into filesystem ... "));
my $ret = `$cmd 2>&1`;
if( $? != 0 ) {
print addErrorLog(i18nGettext("Importing CA Certificate Failed from
__DEVICE__!", "__DEVICE__", $orig) );
closePage();
return undef;
}
print addLogLine(gettext("Ok."));
print addPreLogLine( $ret );
print closeLogSection();
print addLogSection(gettext("Importing CA Certificate to dB ... "));
$cryptoShell->dataConvert( DATATYPE=>CERTIFICATE,
INFILE=>$cacertFile,
OUTFILE=>$cacertDER,
OUTFORM=>"DER" );
configError( "<BR>".gettext("Error (1) while convertig certificate")."<BR>" ) if( $?
!= 0 );
$cryptoShell->dataConvert( DATATYPE=>CERTIFICATE,
INFILE=>$cacertFile,
OUTFILE=>$cacertTXT,
OUTFORM=>"TXT" );
configError( "<BR>".gettext("Error (2) while convertig certificate")."<BR>" ) if( $?
!= 0 );
$crt = new OpenCA::X509( SHELL=>$cryptoShell, INFILE=>"$cacertFile" );
if( not $crt ) {
configError( "<BR>".i18nGettext("Error while loading CA certificate
(__FILE__).",
"__FILE__", $cacertFile) );
} else {
##// Let's link to the chain dir
$tools->copyFiles ( SRC=>"$cacertFile",
DEST=>"$cacertCRT");
##// Let's make the links for chain verification
$ret = `cd ${chainDir}; $makeCmd`;
if ( not $db->storeItem( DATATYPE=>"VALID_CA_CERTIFICATE",
OBJECT=>$crt,
MODE=>"INSERT")) {
if ( not $db->storeItem( DATATYPE=>"VALID_CA_CERTIFICATE",
OBJECT=>$crt,
MODE=>"UPDATE")) {
configError (gettext("Error while storing CA cert to dB!"));
}
}
}
print addLogLine( gettext("Ok.") );
print addPreLogLine ( $crt->getTXT() );
print addPreLogLine ( $ret );
print closeLogSection();
closePage();
return 1;
}
1;
