[Openca-Users] Silence...

2004-05-24 Thread Michael Portz 
Hi!
It is so silent on the list...are all problems solved?
Or was it just the vacations? Or are there technical
problems (iff you read this message timely there are
obviously not :)
:)
T.o.Michael
--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen
Tel: +49 241 918 5228
Fax: +49 241 918 5299

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Chris Covell 
Michael,

On Mon, 2004-05-24 at 09:35, Michael Portz wrote:
 It is so silent on the list...are all problems solved?
 Or was it just the vacations? Or are there technical
 problems (iff you read this message timely there are
 obviously not :)

You must have finished OpenCA now !!! It is so perfect, not one person
has a problem !

Chris...



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Adam Tresch 




Except the OCSPD issue

Could someone send some info about the current status of OCSPD?

Adam

Chris Covell wrote:

  Michael,

On Mon, 2004-05-24 at 09:35, Michael Portz wrote:
  
  
It is so silent on the list...are all problems solved?
Or was it just the vacations? Or are there technical
problems (iff you read this message timely there are
obviously not :)

  
  
You must have finished OpenCA now !!! It is so perfect, not one person
has a problem !

Chris...



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Bell 
Adam Tresch wrote:
  Except the OCSPD issue
Could someone send some info about the current status of OCSPD?
I see at minimum too big commit series at CVS during the last week from 
Max. So it looks like the next snapshot or RC includes an improvement 
for the OCSP stuff. BTW we try to reactivate the BTS on sourceforge. You 
can also checkout the ocspd stuff seperately from the CVS. It builds 
independendly from OpenCA.

Michael
--
---
Michael Bell   Email: [EMAIL PROTECTED]
ZE Computer- und MedienserviceTel.: +49 (0)30-2093 2482
(Computing Centre)Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin   Email (private): [EMAIL PROTECTED]
Germany   http://www.openca.org

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Resubmitted: [Openca-Users] CA Cert not put into database]

2004-05-24 Thread Michael Portz 
Hi,
I want to restate my question from last week. I did try
the latest cvs. So my question is: Is there anybody out
there who actually CAN get latest CVS up and running? And
not fail at enrolling the CA root certificate? Iff so I
promise to dig harder and deeper to find my own errors.
Regards
T.o.Michael
 Original Message 
[...]
From: Michael Portz [EMAIL PROTECTED]
Organization: accom GmbH  Co KG
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113
X-Accept-Language: de-de, en-us, en
MIME-Version: 1.0
To: [EMAIL PROTECTED]
[...]
Date: Tue, 18 May 2004 16:05:40 +0200
Hi ppl,
setting: latest cvs (15:30 today GMT+1), perl 5.8.0, mysql 3.23, apache 2.0.48
I config, install-offline, modify config.xml et al., configure_etc.sh and
finally openca_rc start it. I can log in, i can start Initialization,
I can Initialize Database, I can generate key, I can generate request,
I can Self-Sign the CA certificate...but it never turns up ANYwhere
besides in var/crypto/cacert. Not in the database, not in the export
...nowhere.
Comments? Hints? Puzzlement?
Regards
T.o.Michael
--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen
Tel: +49 241 918 5228
Fax: +49 241 918 5299

---
This SF.Net email is sponsored by: SourceForge.net Broadband
Sign-up now for SourceForge Broadband and get the fastest
6.0/768 connection for only $19.95/mo for the first 3 months!
http://ads.osdn.com/?ad_id=2562alloc_id=6184op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen
Tel: +49 241 918 5228
Fax: +49 241 918 5299
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

RE: [Openca-Users] Silence...

2004-05-24 Thread Til Obes 
My problem with the language changing is still there ;) 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Michael Portz
Sent: Monday, May 24, 2004 10:35 AM
To: [EMAIL PROTECTED]
Subject: [Openca-Users] Silence...

Hi!

It is so silent on the list...are all problems solved?
Or was it just the vacations? Or are there technical problems (iff you read
this message timely there are obviously not :)

:)
T.o.Michael

--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen

Tel: +49 241 918 5228
Fax: +49 241 918 5299



---
This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest
thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Laurent Mesur 
Chris Covell wrote:
Michael,
On Mon, 2004-05-24 at 09:35, Michael Portz wrote:
 

It is so silent on the list...are all problems solved?
Or was it just the vacations? Or are there technical
problems (iff you read this message timely there are
obviously not :)
   

You must have finished OpenCA now !!! It is so perfect, not one person
has a problem !
 

Well, i disagree, i've tried 23 installation and none worked.
I post 11 questions on this list, 3 got answers.
So i abandon OpenCA to try something else, and actually i don't trust 
OpenCA for production purpose in my job (i m an engineer doing Security 
Consulting projects).

Laurent.

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Portz 
I quickly reviewed your recent questions and it seems the core problem
is the same I got: The initial handling of the freshly generated
CA certificate. I am quite sure most of the other problems of the current
RC and CVS versions stem from this one.
So again: ANYBODY got RC4 or newer up and working???
Regards
Michael
Laurent Mesuré wrote:
 [...]
Well, i disagree, i've tried 23 installation and none worked.
I post 11 questions on this list, 3 got answers.
So i abandon OpenCA to try something else, and actually i don't trust 
OpenCA for production purpose in my job (i m an engineer doing Security 
Consulting projects).

Laurent.

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen
Tel: +49 241 918 5228
Fax: +49 241 918 5299
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id149alloc_id66op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Konietzka 
Michael Portz wrote:
I quickly reviewed your recent questions and it seems the core problem
is the same I got: The initial handling of the freshly generated
CA certificate. I am quite sure most of the other problems of the current
RC and CVS versions stem from this one.
So again: ANYBODY got RC4 or newer up and working???
I am playing with RC4, but it is not in production yet.
In this phase I am evaluating OpenCA if it fits my
purposes or if i have to implement some parts on my own.
From my point of view I will use the CA and RA-Interfaces,
but will create my own Pub-Interface, because I want to integrate
the User-Interface in an intranet-portal.
Best regards
 Michael
Laurent Mesuré wrote:
  [...]
Well, i disagree, i've tried 23 installation and none worked.
I post 11 questions on this list, 3 got answers.
So i abandon OpenCA to try something else, and actually i don't trust 
OpenCA for production purpose in my job (i m an engineer doing 
Security Consulting projects).

Laurent.

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 
10g. Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users



--
Dipl.-Inform. Michael Konietzka  Schlund + Partner AG
- Development UNIX - Brauerstraße 48
Webservices  D-76135 Karlsuhe
http://www.schlund.de/   Germany
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Portz 
Thanks Michael for your response!
Please confirm the following:
- You CAN initialize databases!
- You CAN generate the new ca key!
- You CAN generate the request for the ca certificate!
- You CAN enroll the ca certificate with it afterwards
  being visible on the screen and in the databases!
Curious Regards
T.o.Michael
Michael Konietzka wrote:
Michael Portz wrote:
I quickly reviewed your recent questions and it seems the core problem
is the same I got: The initial handling of the freshly generated
CA certificate. I am quite sure most of the other problems of the current
RC and CVS versions stem from this one.
So again: ANYBODY got RC4 or newer up and working???

I am playing with RC4, but it is not in production yet.
In this phase I am evaluating OpenCA if it fits my
purposes or if i have to implement some parts on my own.
 From my point of view I will use the CA and RA-Interfaces,
but will create my own Pub-Interface, because I want to integrate
the User-Interface in an intranet-portal.
Best regards
 Michael
Laurent Mesuré wrote:
  [...]
Well, i disagree, i've tried 23 installation and none worked.
I post 11 questions on this list, 3 got answers.
So i abandon OpenCA to try something else, and actually i don't trust 
OpenCA for production purpose in my job (i m an engineer doing 
Security Consulting projects).

Laurent.

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 
10g. Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users




--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen
Tel: +49 241 918 5228
Fax: +49 241 918 5299
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id149alloc_id66op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Oden Eriksson 
måndagen den 24 maj 2004 12.21 skrev Michael Bell:
 Adam Tresch wrote:
Except the OCSPD issue
 
  Could someone send some info about the current status of OCSPD?

 I see at minimum too big commit series at CVS during the last week from
 Max. So it looks like the next snapshot or RC includes an improvement
 for the OCSP stuff. BTW we try to reactivate the BTS on sourceforge. You
 can also checkout the ocspd stuff seperately from the CVS. It builds
 independendly from OpenCA.

Michael,

Would you consider syncing the perl modules against what's at CPAN?

Thanks in advance.
-- 
Regards // Oden Eriksson


---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id149alloc_id66op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Konietzka 
Michael Portz wrote:
Thanks Michael for your response!
Please confirm the following:
- You CAN initialize databases!
[x] I am using DBM files at the moment, next step is to use MySQL with InnoDB
- You CAN generate the new ca key!
[x] Done.
- You CAN generate the request for the ca certificate!
[X] Done.
- You CAN enroll the ca certificate with it afterwards
  being visible on the screen and in the databases!
[X] Done.
All with RC4. I got 4 points, did I win something?
;-)
Best regards
 Michael

Michael Konietzka wrote:
Michael Portz wrote:
I quickly reviewed your recent questions and it seems the core problem
is the same I got: The initial handling of the freshly generated
CA certificate. I am quite sure most of the other problems of the 
current
RC and CVS versions stem from this one.

So again: ANYBODY got RC4 or newer up and working???

I am playing with RC4, but it is not in production yet.
In this phase I am evaluating OpenCA if it fits my
purposes or if i have to implement some parts on my own.
 From my point of view I will use the CA and RA-Interfaces,
but will create my own Pub-Interface, because I want to integrate
the User-Interface in an intranet-portal.
Best regards
 Michael
Laurent Mesuré wrote:
  [...]
Well, i disagree, i've tried 23 installation and none worked.
I post 11 questions on this list, 3 got answers.
So i abandon OpenCA to try something else, and actually i don't 
trust OpenCA for production purpose in my job (i m an engineer doing 
Security Consulting projects).

Laurent.

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 
10g. Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users






--
Dipl.-Inform. Michael Konietzka  Schlund + Partner AG
- Development UNIX - Brauerstraße 48
Webservices  D-76135 Karlsuhe
http://www.schlund.de/   Germany
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Portz 
Michael Konietzka wrote:
Michael Portz wrote:
Thanks Michael for your response!
Please confirm the following:
- You CAN initialize databases!

[x] I am using DBM files at the moment, next step is to use MySQL with 
InnoDB
Hmmm...ok..I DO use mysql. Perhaps it DOES have something to do with it.
So my next question is: Anybody out there did FAIL or SUCCEED using
mysql on RC4 or later?
- You CAN generate the new ca key!

[x] Done.
- You CAN generate the request for the ca certificate!

[X] Done.
- You CAN enroll the ca certificate with it afterwards
  being visible on the screen and in the databases!

[X] Done.
All with RC4. I got 4 points, did I win something?
;-)
Hmmm...well..I might be seriously considering being grateful for a
while...enough for you?
;-)
Michael
--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen
Tel: +49 241 918 5228
Fax: +49 241 918 5299
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

[Openca-Users] Login problems with OpenCA (CVS head)

2004-05-24 Thread Martin Bartosch 
Hi,

I just set up a fresh OpenCA installation using the current CVS version
and I now am stuck at the login screen:

Whenever trying to login as 'root' as usual, I am redirected to the
login form again. The web server access log shows

* - - [24/May/2004:15:15:48 +0200] POST /cgi-bin/ca/ca HTTP/1.1 200 418
* - - [24/May/2004:15:15:49 +0200] GET /cgi-bin/ca/ca?cmd=serverInfo
HTTP/1.1 200 343
* - - [24/May/2004:15:15:50 +0200] GET /cgi-bin/ca/ca?cmd=genMenu
HTTP/1.1 200 343
* - - [24/May/2004:15:15:50 +0200] GET /cgi-bin/ca/ca?redir=1 HTTP/1.1
200 1892

So I guess I am in fact logged in, but the start page cannot be displayed
for some reason.

If I enter an incorrect login I get a nice red 'Error Login failed' message
instead.

Does anybody know what's going on here...? BTW: Is it only me or should
there should really be an application error log to help solving such
problems?

cheers

Martin



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Konietzka 
Michael Portz wrote:
Michael Konietzka wrote:
Michael Portz wrote:
Thanks Michael for your response!
Please confirm the following:
- You CAN initialize databases!

[x] I am using DBM files at the moment, next step is to use MySQL with 
InnoDB

Hmmm...ok..I DO use mysql. Perhaps it DOES have something to do with it.
So my next question is: Anybody out there did FAIL or SUCCEED using
mysql on RC4 or later?
- You CAN generate the new ca key!

[x] Done.
- You CAN generate the request for the ca certificate!

[X] Done.
- You CAN enroll the ca certificate with it afterwards
  being visible on the screen and in the databases!

[X] Done.
All with RC4. I got 4 points, did I win something?
;-)

Hmmm...well..I might be seriously considering being grateful for a
while...enough for you?
Well, that's ok for the moment.
;-)
--
Dipl.-Inform. Michael Konietzka  Schlund + Partner AG
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] dual-key usage with OpenCA

2004-05-24 Thread Michael Konietzka 
Chris Covell wrote:
Michael,
On Wed, 2004-05-19 at 11:32, Michael Konietzka wrote:
Ok, but how should  I handle the different keyUsage in certification 
process?

The OpenCA way of doing this is to have a different Role for each
certificate type. So I would have a Sign role where the key usage is
set to:
keyUsage = nonRepudiation, digitalSignature  extendedKeyUsage: TLS Web
client authentication, E-mail protection
and a Encrypt role where the key usage is set to:
keyUsage = keyEncipherment, dataEncipherment, keyAgreement
OK, done it this way using two different roles and it worked.
But I am using for both certificates the client-side generation.
Michael Bell said, for key recovery of the decryption certs i
should use the batch processor. So i will check this out.
Best regards
 Michael
--
Dipl.-Inform. Michael Konietzka  Schlund + Partner AG
- Development UNIX - Brauerstraße 48
Webservices  D-76135 Karlsuhe
http://www.schlund.de/   Germany
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Oliver Welter 
Hi all,
Michael Portz wrote:
I quickly reviewed your recent questions and it seems the core problem
is the same I got: The initial handling of the freshly generated
CA certificate. I am quite sure most of the other problems of the current
RC and CVS versions stem from this one.
So again: ANYBODY got RC4 or newer up and working???
I have RC4 up and running without problems - tests ok, will go for 
production next week with the setup

Im using mySQL on Suse 9.0
Oliver
--
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat: http://www.ldv.ei.tum.de/page72


smime.p7s
Description: S/MIME Cryptographic Signature

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Portz 
Thanks Oli for your response!
Thoughtful Regards
T.o.Michael
Oliver Welter wrote:
Hi all,
Michael Portz wrote:
I quickly reviewed your recent questions and it seems the core problem
is the same I got: The initial handling of the freshly generated
CA certificate. I am quite sure most of the other problems of the current
RC and CVS versions stem from this one.
So again: ANYBODY got RC4 or newer up and working???

I have RC4 up and running without problems - tests ok, will go for 
production next week with the setup

Im using mySQL on Suse 9.0
Oliver

--
accom GmbH  Co. KG
Gruener Weg 100
52070 Aachen
Tel: +49 241 918 5228
Fax: +49 241 918 5299
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] dual-key usage with OpenCA

2004-05-24 Thread Chris Covell 
On Monday 24 May 2004 14:47, Michael Konietzka wrote:
 OK, done it this way using two different roles and it worked.
 But I am using for both certificates the client-side generation.
 Michael Bell said, for key recovery of the decryption certs i
 should use the batch processor. So i will check this out.

Yes, this is a good idea.

In general it is a good idea for your users to generate their own signing 
keys, as then everyone knows that the keys have not existed anywhere other 
than the end user client (this is good for non-repudiation).

If they then loose their signing keys, they just generate new ones.

Chris...



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

[Openca-Users] Solved: Login problems with OpenCA (CVS head)

2004-05-24 Thread Martin Bartosch 
Hi all,

I found it myself: the cookie directory

var/session/cookie/ca

did not exist for some reason after my fresh install.
Created the directory manually, works.

(I used the SuSE RPM build procedure from the CVS to create SuSE
packages.)

cheers

Martin



---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] CA Cert not put into database

2004-05-24 Thread Michael Bell 
Michael Portz wrote:
Hi ppl,
setting: latest cvs (15:30 today GMT+1), perl 5.8.0, mysql 3.23, apache 
2.0.48

I config, install-offline, modify config.xml et al., configure_etc.sh and
finally openca_rc start it. I can log in, i can start Initialization,
I can Initialize Database, I can generate key, I can generate request,
I can Self-Sign the CA certificate...but it never turns up ANYwhere
besides in var/crypto/cacert. Not in the database, not in the export
...nowhere.
I introduced a bug during the cleanup of initServer. I initialized the 
crypto backend too late. So the database modules cannot handle the 
crypto objects :( OpenCA::DB detects the correct error but OpenCA::DBI 
does not detect the error. Now the error is fixed and OpenCA::DBI has a 
better error detection and debugging code.

BTW if a script/command dies then OpenCA detects the error now correctly 
and not only displaying a blank page.

Michael
--
---
Michael Bell   Email: [EMAIL PROTECTED]
ZE Computer- und MedienserviceTel.: +49 (0)30-2093 2482
(Computing Centre)Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin   Email (private): [EMAIL PROTECTED]
Germany   http://www.openca.org

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Michael Bell 
Oden Eriksson wrote:
måndagen den 24 maj 2004 12.21 skrev Michael Bell:
Adam Tresch wrote:
 Except the OCSPD issue
Could someone send some info about the current status of OCSPD?
I see at minimum too big commit series at CVS during the last week from
Max. So it looks like the next snapshot or RC includes an improvement
for the OCSP stuff. BTW we try to reactivate the BTS on sourceforge. You
can also checkout the ocspd stuff seperately from the CVS. It builds
independendly from OpenCA.

Michael,
Would you consider syncing the perl modules against what's at CPAN?
Hi Oden,
I'm sorry but I cannot access the modules on CPAN. We can update them 
but Max is the owner. So please ask him to do it or he have to give me 
the permissions on CPAN to do this. I see no problems to update the 
modules on CPAN.

Michael
--
---
Michael Bell   Email: [EMAIL PROTECTED]
ZE Computer- und MedienserviceTel.: +49 (0)30-2093 2482
(Computing Centre)Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin   Email (private): [EMAIL PROTECTED]
Germany   http://www.openca.org

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id149alloc_id66op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Solved: Login problems with OpenCA (CVS head)

2004-05-24 Thread Michael Bell 
Martin Bartosch wrote:
Hi all,
I found it myself: the cookie directory
var/session/cookie/ca
did not exist for some reason after my fresh install.
Created the directory manually, works.
(I used the SuSE RPM build procedure from the CVS to create SuSE
packages.)
Only one question - does this be the only error with the SuSE stuff?
The bug is fixed in openca.spec. I added several 
%{prefix}/var/session/cookie/ to the different packages.

Michael
--
---
Michael Bell   Email: [EMAIL PROTECTED]
ZE Computer- und MedienserviceTel.: +49 (0)30-2093 2482
(Computing Centre)Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin   Email (private): [EMAIL PROTECTED]
Germany   http://www.openca.org

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Solved: Login problems with OpenCA (CVS head)

2004-05-24 Thread Martin Bartosch 
Hi,

 (I used the SuSE RPM build procedure from the CVS to create SuSE
 packages.)

 Only one question - does this be the only error with the SuSE stuff?

 The bug is fixed in openca.spec. I added several
 %{prefix}/var/session/cookie/ to the different packages.

the rest seems to work, but I may have forgotton minor issues during
install. I will have a closer look next time I reinstall the system.

Martin





---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

RE: [Openca-Users] Silence...

2004-05-24 Thread Nuno Antunes 
Hi Oden,

I'm sorry but I cannot access the modules on CPAN. We can update them 
but Max is the owner. So please ask him to do it or he have to give me 
the permissions on CPAN to do this. I see no problems to update the 
modules on CPAN.

Michael


That would be great!

I'm trying to complete the missing FreeBSD ports of OpenCA modules. I
already have a working preliminary version to all of them, but they are
still based on current CPAN modules which are somewhat out-of-date.

Once the CPAN modules are synchronized, updating the ports to the latest
version should be trivial..

Regards,
Nuno




---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Ricardo Kirkner 
Hi Oliver:
could you write a HOWTO based on your steps to install the system? (are 
you separating CA, RA and PUB?)

I am trying to get this working for some time now, and I am about to 
give up...

Ricardo
Oliver Welter wrote:
Hi all,
Michael Portz wrote:
I quickly reviewed your recent questions and it seems the core problem
is the same I got: The initial handling of the freshly generated
CA certificate. I am quite sure most of the other problems of the 
current
RC and CVS versions stem from this one.

So again: ANYBODY got RC4 or newer up and working???

I have RC4 up and running without problems - tests ok, will go for 
production next week with the setup

Im using mySQL on Suse 9.0
Oliver

---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: [Openca-Users] Silence...

2004-05-24 Thread Oden Eriksson 
måndagen den 24 maj 2004 17.14 skrev Michael Bell:
 Oden Eriksson wrote:
  måndagen den 24 maj 2004 12.21 skrev Michael Bell:
 Adam Tresch wrote:
   Except the OCSPD issue
 
 Could someone send some info about the current status of OCSPD?
 
 I see at minimum too big commit series at CVS during the last week from
 Max. So it looks like the next snapshot or RC includes an improvement
 for the OCSP stuff. BTW we try to reactivate the BTS on sourceforge. You
 can also checkout the ocspd stuff seperately from the CVS. It builds
 independendly from OpenCA.
 
  Michael,
 
  Would you consider syncing the perl modules against what's at CPAN?

 Hi Oden,

 I'm sorry but I cannot access the modules on CPAN. We can update them
 but Max is the owner. So please ask him to do it or he have to give me
 the permissions on CPAN to do this. I see no problems to update the
 modules on CPAN.

Aha. I see. I can ask him about it, will keep you posted.

-- 
Regards // Oden Eriksson


---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id149alloc_id66op=click
___
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users