Hi dalini, thx for your hint. It worked for the intended purpose. The certificatePolicies are no longer part of my certificates. But the WebSite logon still does not work. I'm going nutz. I have a self signed logon certificate that is working, and when I compare it the the one issued by openca now, both only differ in one point. In the openca certificate I have a CDP which I dont have in my selfmade certificate.
The other difference is, that the webserver certificate was signed by the same ca certificate as the working logon certificate. Can that be the point?? Do I need to issue a new webserver ssl certificate using openca? And if yes, how can I do it? Is it possible to bring a self generated pkcs10 request into openca? And if not .... where can the problem be? Ives Steglich wrote: >Rösner, Jan wrote: > > > >>I tried some changes in loa.xml in the High-template that I am using >>when I request a certificate. But my changes did not work. Now that I am >>really tired I need to ask for help. Can anyone tell me, how I can >>configure the SSLClient extensions to not include the certificatePolicy? >> >> >> >disable LOA in the interface configurations: > > servers/pub.conf:53:USE_LOAS "Yes" > >to "No" > >same for ra and ca.conf and the right server... > > >greetings >dalini > > > Greets Jan Roesner [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
