This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Error Re-generating CA after 9.201 update

I noticed that Sophos has edited their KB article on heardbleed and is now asking for us to re-gen the CA before the certs? Great.... since I already had all users in the organization uninstall and re-install the VPN client. Would have been great to know two days ago when reading the old version of the KB.

I am getting an error while re-generating the CA. Any ideas? I see a reference to country code. All I can say with regards to this is the country is populated with Unites States in System Settings->Organization.

 127.0.0.1 MAIN > RAW
Switched to RAW mode.
                                                                                'UTMhostname', email=>'mailaddress@maildomain.com'})
Calling Confd function ca_generate_signing_ca({name=>'webadmin ca', key_size=>2048, country=>'CountryAcronym', state=>'StateName', city=>'CityName', organization=>'OrganizationName', common_name=>'UTMhostname', email=>'mailaddress@maildomain.com'})
result: 0
fatal: [
          {
            'Aattrs' => [
                          'class',
                          'type',
                          'attr'
                        ],
            'attr' => 'country',
            'attrs' => [
                         'maxlen'
                       ],
            'class' => 'ca',
            'fatal' => 1,
            'format' => 'Cannot create certificate: the %_A attribute must not be longer than %s bytes.',
            'maxlen' => 2,
            'msgtype' => 'CA_RDN_LENGTH',
            'name' => 'Cannot create certificate: the country attribute must not be longer than 2 bytes.',
            'never_hide' => 0,
            'type' => 'signing_ca'
          }
        ]
                                                                                'UTMhostname', email=>'mailaddress@maildomain.com'})
Calling Confd function ca_generate_signing_ca({name=>'webadmin ca', key_size=>2048, country=>'CountryAcronym', state=>'StateName', city=>'CityName', organization=>'OrganizationName', common_name=>'UTMhostname', email=>'mailaddress@maildomain.com'})
result: 0
fatal: [
          {
            'Aattrs' => [
                          'class',
                          'type',
                          'attr'
                        ],
            'attr' => 'country',
            'attrs' => [
                         'maxlen'
                       ],
            'class' => 'ca',
            'fatal' => 1,
            'format' => 'Cannot create certificate: the %_A attribute must not be longer than %s bytes.',
            'maxlen' => 2,
            'msgtype' => 'CA_RDN_LENGTH',
            'name' => 'Cannot create certificate: the country attribute must not be longer than 2 bytes.',
            'never_hide' => 0,
            'type' => 'signing_ca'
          }
        ]
                                                                                127.0.0.1 RAW >

This thread was automatically locked due to age.

Parents

0 mino over 11 years ago

Please do not double post your issues.

My original tips can be read here:
https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22226
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 mino over 11 years ago

Please do not double post your issues.

My original tips can be read here:
https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22226
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data