From: Francois P. <Fra...@id...> - 2006-09-29 03:47:17
|
Hi Julian, thx for your answers. For the login part of the pub, ok it makes sense, i will remove the = button. By the way, is there any way to login through an external LDAP = directory, to the pub interface ? (Novell eDirectory in this case) For the signature, I do not agree completly...Remember that my CA is = offline, so I need to transfert somehow the database between RA and CA. = Nothing is included insisde the databse until I go through the different = steps in the RA node. So as fas as I know, I NEED to accept the request. = Question was, what does mean SIGN the request or accept with signature ? = and What do I need to do that (it does not actually work, it runs a kind = of Java process but no way) ? I was thinking about a user certificat (the = RA-Operator certificat) inside the borwser in order for the sugnature to = be accpeted by the RA ? It is not a big problem for me to accept without a signature it is only to = understand the process better... Many thanks for your time... > I would like also to know how i can sign a CSR request or a=20 > certificate request from the RA. Only the not signed accept=20 > operation is working...May i need to have from the browser a=20 > ra-operator certificate created as user certificate ? You can login to the ca part directly and sign the certificate without having to sign the request. But you always have to login to the ca part so sign the certificate, the ra part is only to approve the request and to check the validity of the persons data who send it in. That's the concept of an PKI. Regards, Julian ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share = your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE= VDEV=20 _______________________________________________ Openca-Users mailing list Ope...@li...=20 https://lists.sourceforge.net/lists/listinfo/openca-users |