Re: [ssl-users] Some problem in my cgi Script to create client's certificates

Remo Tabanelli Fri, 6 Mar 1998 11:47:58 -0500
David... may be that you have the permission to create (write) the user 
cert while your http (executing the script as another user... maybe 
nobody..) has not this permission(s) ?

On Fri, 6 Mar 1998, David Guerrero (PFC-Fernando) wrote:

> 
> 
>   Could somebody tell me why I have this error?
>  
>    When I try to create the client's certificate using the cgi Perl script the
> certificate request fail.
>    the error message in my browser is:
> 
> 
> >Certificate request failed
> >
> >/home/guerrero/ssl/bin/ca -config /home/guerrero/ssl/lib/ssleay.cnf -spkac
> >/home/guerrero/ssl/certs/cert5.req -out /home/guerrero/ssl/certs/cert5.result -days 
>360
> >
> >rc = 256
> >
> >unknown option ca 
> >usage: ca args 
> >
> >-verbose - Talk alot while doing things 
> >-config file - A config file 
> >-name arg - The particular CA definition to use 
> >-gencrl - Generate a new CRL 
> >-crldays days - Days is when the next CRL is due 
> >       .......
> 
>  BUT whe I execute the same in my prompt it run good!
> 
>   read this:
> 
> >[guerrero]~ >/home/guerrero/ssl/bin/ca -config /home/guerrero/ssl/lib/ssleay.cnf
> >-spkac /home/guerrero/ssl/certs/cert5.req  -out 
>/home/guerrero/ssl/certs/cert5.result
> > -days 360
> >
> >Using configuration from /home/guerrero/ssl/lib/ssleay.cnf
> >Enter PEM pass phrase:
> >Check that the SPKAC request matches the signature
> >Signature ok
> >The Subjects Distinguished Name is as follows
> >commonName            :PRINTABLE:'Client Certificate'
> >emailAddress          :IA5STRING:'[EMAIL PROTECTED]'
> >organizationName      :PRINTABLE:'The Open Group'
> >organizationalUnitName:PRINTABLE:'Research Institute'
> >localityName          :PRINTABLE:'Cambridge'
> >stateOrProvinceName   :PRINTABLE:'MA'
> >countryName           :PRINTABLE:'US'
> >Certificate is to be certified until Mar  1 15:43:14 1999 GMT (360 days)
> >
> >Write out database with 1 new entries
> >Data Base Updated
> 
> 
>  In the cgi script...
>  
>              my $cmd = "$CA -config $CONFIG -spkac $req_file -out $result_file -days 
>360";
>              my $rc =  system("$cmd -key $CAPASS 2>errs");
>              if($rc != 0) { fail("$cmd<P>rc = $rc", "errs"); }
> 
>              open(CERT, "<$result_file") or fail("Could not open $result_file<P>$!");
> 
> 
> +-------------------------------------------------------------------------+
> | Administrative requests should be sent to [EMAIL PROTECTED] |
> | List service provided by Open Software Associates, http://www.osa.com/  |
> +-------------------------------------------------------------------------+
> 

         //)
        //\emo.
        Remo Tabanelli [EMAIL PROTECTED] 
        -or- 
        [EMAIL PROTECTED]
        ===========================================
        In a world without walls, who needs Gates ?

+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/  |
+-------------------------------------------------------------------------+
Re: [ssl-users] Some problem in my cgi Script to create client's certificates

Reply via email to
