Re: [Openca-Users] SCEP fails on enrolling a certificate

Thu, 22 Jun 2006 02:20:38 -0700 

Hi,

> The exact error output with debugging enabled is:

there are no SCEP debug messages in the log file. Did you set both  
Debug flags to 1 in log.xml? Such as:

<openca>
     <debug>1</debug>
     <stderr>/usr/local/openca-0.9.2/var/log/stderr.log</stderr>
     <log>
         <debug>1</debug>
         <slots>
...

After setting this you should restart OpenCA.

You should get debug messages like the sample below. Please post this  
output.

cheers

Martin


OpenCA::AC->    access granted
OpenCA::AC->initToken: starting
OpenCA::AC->initToken: successfully finished
cmds->cmdScepPKIOperation: execute5: /usr/local/bin/openca-scep -in / 
usr/local/openca-0.9.2/var/tmp/scep_pkiOp_12872.p7 -noout -print_transid
cmds->cmdScepPKIOperation: Pipe returned error code 0
cmds->cmdScepPKIOperation: tid:
cmds->cmdScepPKIOperation: execute_bt: /usr/local/bin/openca-scep - 
in /usr/local/openca-0.9.2/var/tmp/scep_pkiOp_12872.p7 -keyfile /etc/ 
certs/local/scep-key.pem -passin env:pwd -noout -print_scert > /usr/ 
local/openca-0.9.2/var/tmp/scep_client_12872.crt
cmds->cmdScepPKIOperation: Backtick expansion returned error code 0
cmds->cmdScepPKIOperation: execute1: /usr/local/bin/openca-scep -in / 
usr/local/openca-0.9.2/var/tmp/scep_pkiOp_12872.p7 -noout -print_msgtype
cmds->cmdScepPKIOperation: Pipe returned error code 0
cmds->cmdScepPKIOperation: msgtype: PKCSReq (19)

cmds->cmdScepPKIOperation: execute6: /usr/local/bin/openca-scep -in / 
usr/local/openca-0.9.2/var/tmp/scep_pkiOp_12872.p7 -keyfile /etc/ 
certs/local/scep-key.pem -passin env:pwd -noout -print_req
cmds->cmdScepPKIOperation: Pipe returned error code 0
cmds->cmdScepPKIOperation: csr: -----BEGIN CERTIFICATE REQUEST-----
...


All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to