Thanks Jorge.
I did as you said, unfortunately, it didn't work. Here is the configuration
that I run:
./configure --with-openssl-tools-prefix=/usr/local --with-openca-user=openca
--with-openca-group=openca --with-web-host=ca-server --with-db-name=openca_db
--with-db-host=localhost --with-db-user=openca --with-db-password=admin
--with-db-type=mysql --with-service-mail-account=khod...@kth.se
--with-httpd-user=www-data --with-httpd-group=www-data
--with-cgi-fs-prefix=/usr/lib/cgi-bin --with-htdocs-fs-prefix=/var/www/pki
--with-openca-prefix=/usr/local/openca/ca
--with-etc-prefix=/usr/local/openca/ca/etc
--with-module-prefix=/usr/local/openca/ca/modules
--with-ca-organization=LCN-KTH --with-organization=KTH
--with-ca-locality=Stockholm --with-ca-state=Stockholm --with-ca-country=SE
--with-support-mail-address=khod...@kth.se --disable-external-modules
--enable-dbi --enable-rbac --enable-db --prefix=/usr/local/openca
--with-openssl-prefix=/usr/include/ --with-openca-tools-prefix=/usr/local/openca
After that, I did the following commands to complete the installation phase:
make
>make install-common
>make install-offline install-online
>/usr/local/openca/etc/openca/configure_etc.sh
>/usr/local/openca/etc/init.d/openca start
>/etc/init.d/apache2 restart
Furthermore, I did a small changes in the config.xml file as follows:
<option>
<name>dataexchange_device_up</name>
<value>/tmp/ca-up</value>
</option>
<option>
<name>dataexchange_device_down</name>
<value>/tmp/ca-down</value>
</option>
<option>
<name>dataexchange_device_local</name>
<value>/tmp/ra_local</value>
</option>
Still, when I browse the link below, I can view the folders and I cannot enter
the OpenCA Web Interface:
https://localhost/pki/ca/
When I checked the Apache Error.log file, I realized that there are some
mistakes while I've got no idea how to solve them. I think I did everything
correctly. Here is the small part of Apache error.log file:
[Wed May 30 11:31:03 2012] [notice] caught SIGTERM, shutting down
>[Wed May 30 11:31:04 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Wed May 30 11:31:04 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Wed May 30 11:31:04 2012] [warn] Init: Name-based SSL virtual hosts only work
>for clients with TLS server name indication support (RFC 4366)
>[Wed May 30 11:31:04 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Wed May 30 11:31:04 2012] [warn] RSA server certificate CommonName (CN)
>`localhost' does NOT match server name!?
>[Wed May 30 11:31:04 2012] [warn] Init: Name-based SSL virtual hosts only work
>for clients with TLS server name indication support (RFC 4366)
>[Wed May 30 11:31:04 2012] [notice] Apache/2.2.20 (Ubuntu) mod_ssl/2.2.20
>OpenSSL/1.0.0e configured -- resuming normal operations
>[Wed May 30 11:31:59 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/ra/index.html (None could be
>negotiated).
>[Wed May 30 11:31:59 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/ca/index.html (None could be
>negotiated).
>[Wed May 30 11:31:59 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/pub/index.html (None could be
>negotiated).
>[Wed May 30 11:31:59 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/ldap/index.html (None could be
>negotiated).
>[Wed May 30 11:31:59 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/batch/index.html (None could be
>negotiated).
>[Wed May 30 11:32:01 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/ca/index.html (None could be
>negotiated)., referer: http://localhost/pki/
>[Wed May 30 11:32:23 2012] [error] [client 127.0.0.1] File does not exist:
>/var/www/pki/ca/@ca_cgi_url_prefix@, referer:
>https://localhost/pki/ca/index.html.template
>[Wed May 30 11:32:25 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/ca/index.html (None could be
>negotiated)., referer: https://localhost/pki/
>[Wed May 30 11:32:27 2012] [error] [client 127.0.0.1] File does not exist:
>/var/www/pki/ca/@ca_cgi_url_prefix@, referer:
>https://localhost/pki/ca/index.html.template
>[Wed May 30 11:32:32 2012] [error] [client 127.0.0.1] Negotiation: discovered
>file(s) matching request: /var/www/pki/ca/index.html (None could be
>negotiated).
As far as I know, there are two main problems I have. The first is the
mismatching value for localhost, which is a warning here. The other one is that
there is no corresponding file for ca/index.html. I checked the
path: /var/www/html/pki/ca/index.html and index.html does exist. However, it
seems that Apache cannot recognize/resolve it. It's really strange, though. And
when I try to open the index.html from the folder, it gives me this error:
Not Found
>The requested URL /cgi-bin/pki/ca/ca was not found on this server.
I really don't know how to solve it. I searched a lot while I got nothing so
far. Any idea/suggestion what to do to move on.
Thanks in advance
________________________________
From: Jorge A. Arrieta N. <jarri...@e-novat.com>
To: Mohammad khodaei <m_khod...@yahoo.com>
Cc: "openca-users@lists.sourceforge.net" <openca-users@lists.sourceforge.net>
Sent: Wednesday, May 30, 2012 7:56 AM
Subject: Re: Configuring OpenCA after installation (Mohammad khodaei)
Hi,
Yes, your problem it's the same situation that I think. So, I can help
you.
Today, I don't have much time, but with a few tips, you can move on.
You can fix the problem, with "./configure" script.
Basically, you need to fix the location in the file system, for the URL.
For example, in CentOS, you have:
URL: https://localhost/pki/
File system: /var/www/html/pki
Right now, in Ubuntu, you have something like:
URL: https://localhost/html/pki/
File system: /var/www/html/pki
But, you need this:
URL: https://localhost/pki/
File system: /var/www/pki
-> here is the change **
For the 'cgi-bin' it's the same problem.
If my notes, are correct, you need this:
$ ./configure ... --with-htdocs-fs-prefix=/var/www/pki
And with the scripts, is very similar, but the default path is
"/usr/lib/cgi-bin/". Double-check this, because I did in a different
way.
Greetings,
Jorge
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
