Hello,
We tried to issue new certificate and faced some troubles during the process of
the certificate approval (see our questions marked by “###” prefix below).
Our actions:
$msg = $client->send_receive_service_msg('GET_PASSWD_LOGIN',
{
'LOGIN'=>'raop',
'PASSWD'=>'RA Operator',
}
);
$msg = $client->send_receive_command_msg('get_approval_message',{
'TYPE'=>'CSR',
'WORKFLOW'=>'I18N_OPENXPKI_WF_TYPE_CERTIFICATE_SIGNING_REQUEST',
'LANG'=>'en_GB',
'ID'=>$w_id
});
$tobesign = $msg->{PARAMS};
$type = '';
$type_msg = $client->send_receive_command_msg(
'get_workflow_type_for_id',
{
ID=>$w_id,
},);
$type = $type_msg->{PARAMS};
$msg = $client->send_receive_command_msg(
'get_workflow_info',
{
WORKFLOW => $type,
ID=>$w_id,
},);
$context = $msg->{PARAMS}->{WORKFLOW}->{CONTEXT};
my $current_context = {};
CONTENT:
foreach my $key (sort keys %{ $context }) {
next CONTEXT if ($key =~ m{ \A _ }xms);
$current_context->{$key} = $context->{$key};
}
my $serialized_context =
OpenXPKI::Serialization::Simple->new()->serialize($current_context);
my $context_hash = sha1_hex($serialized_context);
my $params = {};
$params{'_signature'} = ?????;
### Question: What kind of signature should we use here?
$params{'_signature_text'} = $tobesign;
$params->{'_check_hash'}=$context_hash;
$msg = $client->send_receive_command_msg('execute_workflow_activity',{
ACTIVITY=>"I18N_OPENXPKI_WF_ACTION_APPROVE_CSR",
ID=>$w_id,
PARAMS=>$params,
WORKFLOW=>"I18N_OPENXPKI_WF_TYPE_CERTIFICATE_SIGNING_REQUEST",
});
print Dumper $msg;
### Then we used 'I18N_OPENXPKI_WF_ACTION_PERSIST_CSR' activity without
additional parameters, but got the following error:
$VAR1 = {
'LIST' => [
{
'LABEL' =>
'I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_FORKWORKFLOWINSTANCE_ERROR_FORKING',
'PARAMS' => {
'__EVAL_ERROR__' =>
'I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_FORKWORKFLOWINSTANCE_ERROR_EXECUTING_ACTIVITY;
__STATE__ => ; __EVAL_ERROR__ =>
I18N_OPENXPKI_ACTIVITY_TOOLS_DETERMINEISSUINGCA_NO_MATCHING_CA;
__REQUESTED_NOTAFTER__ => 2009-07-11T12:22:29'
}
}
],
'SERVICE_MSG' => 'ERROR'
};
### Question: What may be the cause of this error?
______________________________
With best regards, Dmitry Golomolzin
INDEC Ltd.
[email protected]
[email protected]
------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
