Hello list,
Common Information ------------------------------------------------ OpenCA Version : 0.9.2.2 Perl Version : 5.8.4 OpenSSL Version : 0.9.7e OpenLDAP : 2.1.30 PostgreSQL : 7.4.7-2 Operating System: Stock Debian Sarge + 2.6.8-386 Used Language(s): default (English) Special Changes : None Database initialized : y Database interface : DBI with PostgreSQL Type of Installation : different Systems, 1 for CA and 1 for RA Used Browsers and mailers : Firefox, Thunderbird Smart card/USB * openct : 0.6.4 * opensc : 0.9.6 * mozilla-opensc : 0.9.6 ------------------------------------------------ Problem Description ------------------- I get an error when I try, with the RA, to Approve a certificate Request without Signing with a request generated from an iKey3000 USB token: Error 700 General Error A Certificate with the same public key exists! This is a keycompromise of the certificates with the serial: 1 2 ... Please revoke the certificates and delete the request. I have read Pierre Lhostis messages about almost exactly the same thing: http://sourceforge.net/mailarchive/forum.php?thread_id=7366862&forum_id=2291 But Pierre's solution (cache_pins = true) doesn't solve the problem this time :-( I have tried to change almost all the parameters in the opensc.conf file, as well as removing/inserting the USB token and closing/restarting Firefox with no success. Just like Pierre, the USB token doesn't seem to create any private key on its one since the operation is finnished almost instantly compared to when it used to be the browser (Firefox) which did the private key generation. I would be very pleased to give anyone more information and test any proposed solution :-) Cheers, -- Marc-Aurèle DARCHE NUXEO (Paris, France) http://nuxeo.com Nuxeo Collaborative Portal Server http://www.nuxeo.com/cps Gestion de contenu web / portail collaboratif / groupware / open source ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
