On Fri, May 21, 2010 at 11:59:23AM -0400, Massimiliano Pala wrote:
> Hi Geert,
Hi Max,
thanks for your response.
> Mmm.. interesting problem.. did you applied the patches we have on the
> WiKi ? Some of them seem related to your problem.. I will look into it,
> but it definitely seems a problem related to overflow due to the long
> certificate serial number...
I looked at the patches on the Wiki, the "View CRL error with Long Certificate
Serials" seemed relevant but the "fixed" viewCRL from the wiki is identical to
the one shipped with OpenCA 1.1.0? Was this bug fixed before 1.1.0 or is this
a mistake on the wiki?
I also doubt the problem is really there though since I'm experiencing it with
other commands (scepPKIOperation and viewCSR)...
The other patches (for postgresql, UI fixes, UTF-8 encoding for expired CRL's)
don't seem relevant at all.
> I hope the problem is within the cmdScepPKIOperation.. otherwise is
> somewhere in the libs... maybe the DBI.pm... do you know what the
> $csr->getSerial() on your certificate returns ?
$req->getSerial() in viewCSR returns the short one, $cert->getSerial() in
issueCertificateissueCertificate (the only place where the certificate is
succesfully displayed?) returns the long one in my samples below.
Regarding DBI.pm, I'm using MySQL with the schema installed by the OpenCA
GUI. In the certificate table, cert_key is DECIMAL(60,0) whereas req_key
is a BIGINT. Tried changing cert_key to a BIGINT column as well but then
all generated cert_keys are the same?
Geert
--
Geert Hendrickx -=- g...@telenet.be -=- PGP: 0xC4BB9E9F
This e-mail was composed using 100% recycled spam messages!
------------------------------------------------------------------------------
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
