This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using ASL CA for openssl CSRs?

Hello everybody,

does anybody already tried to use the internal CA of Astaro as an signing CA for other CSRs?
I tried to import an CSR from openssl, but when trying to sign this CSR always get the error:
---
Certificate signing failed. Either the entered CA passphrase was wrong, or the CSR contains the same DN data as another already signed certificate.
---

The CA passphrase is definitely right, I am signing ASL-CSRs with it witout any problems.
Thanks for any input,

Matthias

This thread was automatically locked due to age.

0 NimmdirKeks over 19 years ago

Normaly I didn't had any trouble signing them. Even MS CSRs are working.

Check the DN, there was some trouble with older ASL versions, not removing deleted CERTs and therefore keeping the DN.
Cancel
Vote Up 0 Vote Down

Cancel
0 MatthiasFleschuetz over 19 years ago in reply to NimmdirKeks

The problem is the following:
The CA of ASL doesnt get along with Keys that are not encrypted for with a passphrase (e.g. the PEM for IMAPd or so).

Matthias
Cancel
Vote Up 0 Vote Down

Cancel
0 NimmdirKeks over 19 years ago in reply to MatthiasFleschuetz

Ah, thats your problem.
Just use it with passphrase and after you copied the signed cert and privat key to the imap server, remove the passphrase with the openssh commands.

http://www.madboa.com/geek/openssl/#key-removepass
Cancel
Vote Up 0 Vote Down

Cancel