OK, if I sign a CRR I sign it with a ra admin cert with serial "7", the
sub CA has certificate "4", I get 4 overflow errors in the log. The
message that the "signature is correctly verified" is displayed.
If I approve the CRR without signing then I get no overflow errors. But
as this is a prod
Hello Michael,
I sent my message before the other messages appear in
my inbox, So I checked my certificates and my CA
Certificate has a serialnumber like this:
2147483647
In the CA Interface and in DB I see this:
9521c7414e4e4e69f68e9360c52f98c87cabff15 (0x2531)
If you ask me why I'll have to
Many thanks for your comments guys,
Looking into it i am seeing the errors when approving CRRs, singing them
with a certificate.
i shall take Martins's advice and have a look at the database for the
CRR (they all seem to cause problems). I shall try it without signing
the approval too.
Jue
Johnny Gonzalez wrote:
I have seen that message several times, but until now
it haven't been any problem, it appears after
approving CSRs.
Did you approve with signing? Perhaps one of your CA certs in the chain
has such a high serial (like Juergen stated). Nevertheless the use of
Math::BigIn
Hello Chris,
I have seen that message several times, but until now
it haven't been any problem, it appears after
approving CSRs.
As you say so, it appears for very low serial numbers,
so I guess this could be a bug in perl libraries.
Regards,
Johnny
--- Chris Covell <[EMAIL PROTECTED]> escri
Hi,
> Have any of you ever seen this in the stderr.log ?
>
> Integer overflow in hexadecimal number at
> /usr/local/ca001_pki/modules/perl5/OpenCA/PKCS7.pm line 392.
nope. But I think the reason might be that a request you have been
processing was signed by a "rogue" certificate with a serial num
Chris Covell wrote:
> Guys,
>
> Openca 0.9.2.2
> Openssl 0.9.7
>
> Have any of you ever seen this in the stderr.log ?
No.
> Integer overflow in hexadecimal number at
> /usr/local/ca001_pki/modules/perl5/OpenCA/PKCS7.pm line 392.
>
> The last certificate issued was serial 5368 (0x14F8)
>
> The
Guys,
Openca 0.9.2.2
Openssl 0.9.7
Have any of you ever seen this in the stderr.log ?
Integer overflow in hexadecimal number at
/usr/local/ca001_pki/modules/perl5/OpenCA/PKCS7.pm line 392.
The last certificate issued was serial 5368 (0x14F8)
The last certificate revoked was serial 3366 (0xD
