hi all!
ssep stikes back:
sscep version 20030417, openca-0.9.2.4 both compiled with openssl-0.9.7g.
[EMAIL PROTECTED] sscep]$ ./mkrequest -dns local
[EMAIL PROTECTED] sscep]$ openssl req -noout -text -in local.csr
Certificate Request:
Data:
Version: 0 (0x0)
Subject: CN=local
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:cb:cb:8a:31:e5:79:a0:c5:55:f4:bc:98:a9:a3:
70:e2:2e:9c:e9:52:83:5a:1c:06:76:5b:2b:dd:56:
82:4f:8e:a7:95:ba:1f:c7:19:b1:f1:a0:31:18:e4:
91:a5:de:c6:b9:89:04:8d:12:4f:dc:9f:86:b7:0c:
38:e1:3d:c8:ab:a7:b1:76:16:89:0a:83:78:67:db:
94:7a:3e:1f:45:c1:83:17:b8:4c:81:7c:07:2d:ae:
43:62:ec:3c:c7:ef:31:6c:97:1b:94:b1:8b:c2:54:
15:ad:2c:99:96:4f:4d:2a:b3:53:92:f4:bd:cb:b8:
63:cd:6b:3d:8f:84:ac:42:3b
Exponent: 65537 (0x10001)
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name: critical
DNS:local
Signature Algorithm: md5WithRSAEncryption
74:3f:4b:13:ab:c9:af:7e:04:da:87:3d:b5:59:17:c1:6a:1a:
d7:e5:4c:81:43:b8:71:0b:9d:16:b3:4c:ce:17:f2:25:12:55:
47:fd:cd:07:58:dc:41:e6:e2:ec:ee:29:bc:1b:ca:a4:97:34:
85:04:ec:57:30:bf:e8:6c:09:c8:9f:2f:51:a9:a4:5a:51:3a:
b6:d9:1b:9a:f1:33:a4:d3:4b:f5:b0:d6:17:62:85:df:12:9b:
a1:37:cb:8a:38:c1:dc:94:f3:31:87:42:2e:be:1b:3f:d9:26:
a6:d2:a9:4d:21:bd:95:2a:c7:6f:a4:93:b0:5c:dc:3a:e1:48:
a1:74
[EMAIL PROTECTED] sscep]$ ./sscep enroll -f sscep.conf -c ca.crt-1
./sscep: starting sscep, version 20030417
./sscep: hostname: ca.rtsnet.ru
./sscep: directory: cgi-bin/scep/pkiclient.exe
./sscep: port: 80
./sscep: new transaction
./sscep: transaction id: C658CB9891A84DB0C8404F14D19C1E58
./sscep: generating selfsigned certificate
./sscep: SCEP_OPERATION_ENROLL
./sscep: sending certificate request
./sscep: creating inner PKCS#7
./sscep: data payload size: 377 bytes
./sscep: successfully encrypted payload
./sscep: envelope size: 899 bytes
./sscep: creating outer PKCS#7
./sscep: signature added successfully
./sscep: adding signed attributes
./sscep: adding string attribute transId
./sscep: adding string attribute messageType
./sscep: adding octet attribute senderNonce
./sscep: PKCS#7 data written successfully
./sscep: applying base64 encoding
./sscep: base64 encoded payload size: 2479 bytes
./sscep: server returned status code 200
./sscep: MIME header: x-pki-message
./sscep: valid response from server
./sscep: reading outer PKCS#7
./sscep: PKCS#7 payload size: 2995 bytes
./sscep: PKCS#7 contains 0 bytes of enveloped data
./sscep: verifying signature
./sscep: error verifying signature
23698:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block
type is not 01:rsa_pk1.c:100:
23698:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check
failed:rsa_eay.c:580:
23698:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature
failure:pk7_doit.c:868:
can anybody help with it ?
--
Konstantin Khrooschev
RTS Stock Exchange
Information Security Department
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server.
Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
