Menu
▾
▴
Re: [Openca-Users] 0.8.1 without ldap?
|
From: Ireneusz R. <jo...@wp...> - 2001-11-20 17:22:27
|
On Tue, 20 Nov 2001, Michael Bell wrote:
> > i have SNAMP-20011105, is ot too old ? :)
> I remember Massimiliano recommends 20011108+. So you should follow the
> recommendation.
Well, i just installed 20011119, should be right ?
But still the same problem...
Once again
In logs (httpd-ca-error.log) there are:
Generating RSA private key, 1024 bit long modulus
...........++++++
.++++++
e is 65537 (0x10001)
Using configuration from /usr/local/OpenCA/conf/openssl/openssl.cnf
unable to load Private Key
Can't call method "getTXT" on an undefined value at cmds/genCAReq line 71,
<FD> line 32.
Compilation failed in require at /home/httpd/cgi-ca/ca line 169, <FD> line
32.
I've done some tests and i found that:
[root@jorgi private]# /usr/local/bin/openssl
OpenSSL> genrsa -des 1024
Generating RSA private key, 1024 bit long modulus
.................++++++
....++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
everything is ok, i have a key and:
[root@jorgi private]# /usr/local/bin/openssl rsa -in cakey.pem -text -noout
read RSA key
unable to load key
So it seems that openssl-SNAP-20011119 is buggy i think...
I have done the same procedure with /usr/bin/openssl which is my stable
OPENSSL and in last stage i have good answer form openssl:
[root@jorgi private]# /usr/bin/openssl rsa -in cakey.pem -text
read RSA key
Enter PEM pass phrase:
Private-Key: (2048 bit)
modulus:
00:d5:51:85:c0:21:84:a5:7f:01:eb:46:1d:8e:49:
[cut]
In snap version, openssl even don't ask for the passphrase.
I can not find SNAP-20011108 version of openssl so i can't test if it's
ok.
Could it be there something om my machine worth checking ?
BTW: It seems that keys generated (in initalizing CA) are ok, becouse i
can generate request using standard stable OpenSSL, etc.
--
jorgi
|