Hi *,
I still get the error (as mentioned weeks before)
here is my scep.conf:
# Secure Server Configuration File
## (c) 1999 by Massimiliano Pala and the OpenCA Group
##
## Please Refer to the Documentation for a full detailed
## description of params. Read the README file in this dir
## for more infos on programs accessing this file.
## ============== [ General Section ] =========================
ScepAllowEnrollment "YES"
ScepAllowRenewal "YES"
ScepKeepSubjectAltName "YES"
ScepRenewalRDNMatch ""
# Defaults for initial enrollment
ScepDefaultRole "User"
#ScepDefaultRA "MyRA"
ScepAutoApprove "NO"
DEFAULT_LANGUAGE "en_GB"
DEFAULT_CHARSET "iso-8859-1"
DBmodule "DBI"
CgiLibPath "/export/openca-pub/openca/lib/functions"
CgiServerType "scep"
CgiServerName "scep"
HtdocsUrlPrefix ""
SessionDir /export/openca-pub/openca/var/session/cookie
SessionLifetime 1200
ModuleID 33
ModuleShift 8
AccessControlConfiguration
"/export/openca-pub/openca/etc/access_control/scep.xml"
SoftwareConfiguration "/export/openca-pub/openca/etc/config.xml"
RoleConfiguration "/export/openca-pub/openca/etc/rbac/roles.xml"
ModuleConfiguration "/export/openca-pub/openca/etc/rbac/modules.xml"
TokenConfiguration "/export/openca-pub/openca/etc/token.xml"
LogConfiguration "/export/openca-pub/openca/etc/log.xml"
CertsDir "/export/openca-pub/openca/var/crypto/certs"
CACertificate
"/export/openca-pub/openca/var/crypto/cacerts/cacert.pem"
ChainDir "/export/openca-pub/openca/var/crypto/chain"
CRLDir "/export/openca-pub/openca/var/crypto/crls"
## Paths
openssl "/usr/bin/openssl"
sslconfig "/export/openca-pub/openca/etc/openssl/openssl.cnf"
scepPath "/export/openca-pub/bin/openca-scep"
tempdir "/export/openca-pub/openca/var/tmp"
crlfile "/export/openca-pub/openca/var/crypto/crls/cacrl.crl"
## ==================== [ LOA Support ] =========================
## USE_LOAS takes either YES or NO
USE_LOAS "yes"
## ==================== [ SCEP Section ] ======================
## It is just an example, you should change the 03.pem and/or
## the path pointing to the right key/cert pair
ScepRACert "/export/openca-pub/openca/etc/scep/certs/scep_ra.pem"
ScepRAKey "/export/openca-pub/openca/etc/scep/private/scep_ra.pem"
ScepRAPasswd ""
## ================== [ End SCEP Section ] ====================
Best regards
/Ralf
> Ralf Hornik Mailings schrieb:
> Dear list,
>
> I try to work with sscep (OpenBSD) and can successfully download the
> ca-certificate using scep.
>
> But when I try to enroll a certificate (sscep enroll -f /etc/sscep.conf -c
> ca.crt -r local.csr) it fails and stderr.log shows:
>
> OpenCA: General error trapped 700: The compilation of the command
> cmdScepPKIOperation failed. Modification of a read-only value attempted at
> /export/openca-pub/modules/perl5/OpenCA/Logger/Syslog/Sys.pm line 91.<br>
> Compilation failed in require at
> /export/openca-pub/openca/etc/openca_start line 62.
>
> The same gets the sscep client, when I trace the process.
>
> My scep.conf file is unchanged except the path to teh key and certificate
> for the scep interface. access_control/scep.xml is only "map_role" set to
> "no". The scep interface is located on the RA side. OpenCA version is
> 0.9.2.5.
>
> Has anybody an idea?
>
> Thanks and best Regards
>
> Ralf
>
>
>
> _______________________________________________
> Openca-Users mailing list
> Openca-Users@...
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
--
|