RE: [Openca-Users] Batch System and Missing Passphrase

Thu, 06 Apr 2006 23:11:04 -0700 

Hi,

did you call "Export PINs" (bpExportPIN) after your try without the [EMAIL 
PROTECTED]
This command should write the created PINs into the file 
/OPENCADIR/var/bp/dataexchange/pin_list

Regards
Johannes Derek

> -----Original Message-----
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf 
> Of Hans-Georg Winkler
> Sent: Wednesday, April 05, 2006 8:32 PM
> To: [email protected]
> Subject: [Openca-Users] Batch System and Missing Passphrase
> 
> 
> Hallo
> 
> I have ab big problem with the batch-system because i don´t know the 
> passphrase for a PKCS#12 import ,for example in the Firefox Keystore.
> 
> The situation:
> 
> 1) i create a batch_process_data.txt with
>  
> USER hwink001
> PROCESS neues_zertifikat
> set_state new_process
> ROLE User
> SUBJECT_ALT_NAME_1 email:[EMAIL PROTECTED]
> SUBJECT CN=hwink006,dc=cs,dc=fh-wiesbaden,dc=de
> LOA_MODE IGNORE
>  
> After this i create the import file with "tar -cvf exchange.tar 
> batch_process_data.txt"
> 
> 2) with the batch interface i go at "workflow Management" and do  
> "Quickimport - see manual !"
> 
> The import works good  :) 
> 
> here my Import config:
> 
> EXPORT_IMPORT_LOCAL_DEVICE "/srv/openca/batch/"
> EXPORT_IMPORT_LOCAL_START  ""
> EXPORT_IMPORT_LOCAL_STOP   ""
> EXPORT_IMPORT_LOCAL_IMPORT "/bin/tar -xvf @[EMAIL PROTECTED] -C 
> @__DEST__@"
> EXPORT_IMPORT_LOCAL_TEST   "/bin/tar -tvf @[EMAIL PROTECTED]"
> 
> 3) now i go to "Do one step for all workflows" and say yes 
> for CA key and 
> for Key of the batch system and set "Number of iterations of 
> the batch 
> system" to 16
> 
> 4) the system require 2 password and i put CA Password for 1 
> & 2 and it's 
> seems good.
> 
> 5) now, all is good and i can see certs in pub interface and 
> i can export 
> to ldap
> 
> My problem is.... i would like to import the PKCS#12 file 
> (/OPENCADIR/var/
> bp/dataexchange/pkcs12/) to the Firefox Keystore but i haven't the 
> passphrase to import this file. I don't know what i can do  
> :(  but in the 
> doc i read about the attribute "[EMAIL PROTECTED]" and so i try to 
> import a PKCS#7 PIN....
> 
> 1) i create a PKCS#7 file with the following statements:
> 
> "openca-sv encrypt -verbose -in passwd -out pin -cert /srv/openca/var/
> crypto/cacerts/cacert.crt"
> 
> memo: the passwd file includes the plain text pass phrase named "test"
> 
> 2) i put the pin file to the batch_process_data.txt:
> 
> USER hwink001
> PROCESS neues_zertifikat
> set_state new_process
> ROLE User
> SUBJECT_ALT_NAME_2 email:[EMAIL PROTECTED]
> SUBJECT CN=hwink001,dc=cs,dc=fh-wiesbaden,dc=de
> LOA_MODE IGNORE
> [EMAIL PROTECTED]
> -----BEGIN MYPIN-----
> -----BEGIN PKCS7-----
> MIIDFwYJKoZIhvcNAQcDoIIDCDCCAwQCAQAxggK/MIICuwIBADCBojCBlDESMBAG
> CgmSJomT8ixkARkWAmRlMRwwGgYKCZImiZPyLGQBGRYMZmgtd2llc2JhZGVuMRIw
> EAYKCZImiZPyLGQBGRYCY3MxGDAWBgNVBAoTD0ZhY2hiZXJlaWNoLURJTTEQMA4G
> A1UECxMHVXNlci1DQTEgMB4GCSqGSIb3DQEJARYRSEcuV2lua2xlckBXZWIuZGUC
> CQCo+GTRiLfEjDANBgkqhkiG9w0BAQEFAASCAgA7yyPV3R4f33NHJAPPaMMc/C6p
> EGEYZqHV0vajmB2Wx70/5O2/JnfCm/ybBpZHc6m1HBT/A11dktLd1RqV1BVxTr6H
> MvnnSJX/i7wxIqI1OqlBGRbim2XiN/xEy6rA0sgVA7UZZ23YixXOQboJnguRia0T
> sLmD2/xrPfJyOy5xC4WvwPbQnYq/eeGdVVRd2lQB6wLgHaIIhpJ6NUWQS3IF+C8I
> HFB4pnYWpw63/FWZiP99FZIamva3yXRWjM9byn8M4xIF87UrOEqbAijZF4jbPUwF
> gjM59Aru4FLrGEP6+2FmxAcjVAm5BzYHMbbGwaegDS/OAQlyvQjaIbJ6wXuSTNYR
> rqH9ZizUMdsyR7H42qDbF76solClNEDxyvJ0JY4HGtKN6cpWxMQgODh9Lt+x9lxe
> JgFyxjwa7yDqlpGxR46Ob1Dbu72gPRLw9fa8GZnyJcl1rckWqM/jPQHFQxOa9x2R
> 0dBKGZYCZBKIdqTg1fcW2HnYxw6kW30KxZJxRaaPjJW7hMN85haUVngSujTc+Uzz
> yyQ6EqJN6nzDS5S5k2ku29EnrMp24iRkBEkay4fKJEOsW5tv4Q5+3TB7iEl2y3Sd
> 3kOgO72AankioG3C26stKxh6HR+Ssl2IsRQkKHKspz89ccUSwzddzioqRPD7Cg0H
> +gKXwVqObgVWUAz5ozA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCEEEIywbVh
> 0OqoRGbK9THggBCz27SsoKyrywWWxfmxBqsq
> -----END PKCS7-----
> 
> After this i create the import file with "tar -cvf exchange.tar 
> batch_process_data.txt". The import works god and the workflow is 
> successfully. But i have the same problem the passphrase 
> "test" don't work 
>  :( 
> 
> I'm helpless and hope for help  :) 
> 
> greetings Hans-Georg
> 
> PS: sorry for my "german" - English  ;) 
> 
> 
> -- 
> Echte DSL-Flatrate dauerhaft für 0,- Euro*!
> "Feel free" mit GMX DSL! http://www.gmx.net/de/go/dsl
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking 
> scripting language
> that extends applications into web and mobile media. Attend 
> the live webcast
> and join the prime developer group breaking into this new 
> coding territory!
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&;
dat=121642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid0944&bid$1720&dat1642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to