(CATOOL) Re: CATool question

Mike McCauley mikem at open.com.au
Tue Aug 30 19:51:07 CDT 2005 

Hello Bon,

The certificate you sent me looks to be a self-signed certificate for 
C=US, ST=New York, L=Flushing, O=qcwireless, CN=qcwireless Certificate 
Authority

Is your CATool that certificate authority?
How did you genertae that certificate? Was it imported somehow, or did you 
request and sign it with CAtool?

Cheers.

On Wednesday 31 August 2005 10:19, Bon sy wrote:
> Mike,
> 	Your derscription below is exactly the problem scenario that
> I have now.
>
> 	As an additional observation, you may noticed from the attached
> root certificate file I sent you in the previous email, that root
> certificate has an extension of ".crt" other than the standard .pem, .p12,
> or .der (I do not know whether this as any thing to do with the CATool by
> not proving renewal option. But I thought I shoudl at least mention it.)
>
> 	Thank again!
>
>
>
> Bon
>
> On Wed, 31 Aug 2005, Mike McCauley wrote:
> > Hello Bon,
> >
> > On Wednesday 31 August 2005 09:58, Bon sy wrote:
> > > Mikem
> > >
> > > 	Thanks for the note. I am aware of the instruction you described
> > > below and have been using to renew standard/client/server
> > > certificates. My problem is that the root certificate I sent you (or
> > > other root certificates) within the CATool environment just was not
> > > offered the option of renewal! Even I can renew all other certificates,
> > > but not the root certificate (the renewal option does not show up in
> > > the web UI).
> >
> > Perhaps I dont understand your question prperly.
> >
> > It seems you are talking about some certificates that were generated by
> > CAtool, not the CAtool root certificate? And you are using these
> > certificates as root certificates for some other application? And that
> > these certificates do not have a renew option when you view them in the
> > CAtool certificate directory?
> >
> > Do I understand correctly?
> >
> > Cheers.
> >
> > > Bon
> > >
> > > On Wed, 31 Aug 2005, Mike McCauley wrote:
> > > > Hello Bon,
> > > >
> > > > Thnaks for your note.
> > > >
> > > > On Tuesday 30 August 2005 12:25, Bon sy wrote:
> > > > > I am not talking about the CATool root certificate. But rather a
> > > > > root certificate created from using the CATool, which was set to
> > > > > expire in one year. See the root certificate in the attachment.
> > > > >
> > > > > In any event, the issue is not whether the root certificate lasts
> > > > > for 10 years. But the issue is whether the CATool provides a
> > > > > utility to renew the root certificate that was generated.
> > > > >
> > > > > In the case of using openssl, I can easily re-create the root
> > > > > certificate (in our old environment). But I could not find the user
> > > > > interface in CATool to renewal the root certificate, nor could I
> > > > > re-create it via the GUI interface ... even if as the last resort
> > > > > we need to re-create the entire CA structure. So, does it mean that
> > > > > we need to re-install CATool? This  makes the CATool a
> > > > > less-than-idea commercial product.
> > > >
> > > > You can renew any certificate created with CATool:
> > > > 1. From the Main Menu, click on 'View Directory of Certificates'
> > > > 2. Click on View next to the certificate you wish to renew.
> > > > 3. Scroll down and click on the 'Request Renewal' button.
> > > > 4. Click on Submit.
> > > > 5. An administrator can then sign the renewed certificate.
> > > >
> > > > Cheers.
> > > >
> > > > > Bon
> > > > >
> > > > > On Tue, 30 Aug 2005, Mike McCauley wrote:
> > > > > > Hello,
> > > > > >
> > > > > > On Tuesday 30 August 2005 00:53, you wrote:
> > > > > > > Mike,
> > > > > > > 	Sorry that I did not post it to the CATool listserv. I do not
> > > > > > > have the email address for that.
> > > > > >
> > > > > > Its catool at open.com.au
> > > > > >
> > > > > > > 	I have a (hopefully) rather trival question. I have a root
> > > > > > > certificate that has expired. I do not seem to find the CATool
> > > > > > > option to renewal the root certificate even I could easily
> > > > > > > renewal a client/server certificate. ANy idea?
> > > > > >
> > > > > > Hmmm, are you sure? Your root certificate should be valid for 10
> > > > > > years.
> > > > > >
> > > > > > Cheers.
> > > > > >
> > > > > > > 	Thanks!
> > > > > > >
> > > > > > > Bon
> > > > > >
> > > > > > --
> > > > > > Mike McCauley                               mikem at open.com.au
> > > > > > Open System Consultants Pty. Ltd            Unix, Perl, Motif,
> > > > > > C++, WWW 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> > > > > > http://www.open.com.au Phone +61 7 5598-7474
> > > > > > Fax +61 7 5598-7070
> > > > > >
> > > > > > Radiator: the most portable, flexible and configurable RADIUS
> > > > > > server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password,
> > > > > > NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active
> > > > > > Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc.
> > > >
> > > > --
> > > > Mike McCauley                               mikem at open.com.au
> > > > Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++,
> > > > WWW 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> > > > http://www.open.com.au Phone +61 7 5598-7474                      
> > > > Fax +61 7 5598-7070
> > > >
> > > > Radiator: the most portable, flexible and configurable RADIUS server
> > > > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > > > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
> > > > TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc.
> > > >
> > > > --
> > > > Archive at http://www.open.com.au/archives/catool/
> > > > Announcements on catool-announce at open.com.au
> > > > To unsubscribe, email 'majordomo at open.com.au' with
> > > > 'unsubscribe catool' in the body of the message.
> >
> > --
> > Mike McCauley                               mikem at open.com.au
> > Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
> > 9 Bulbul Place Currumbin Waters QLD 4223 Australia  
> > http://www.open.com.au Phone +61 7 5598-7474                       Fax  
> > +61 7 5598-7070
> >
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> > TTLS, PEAP etc on Unix, Windows, MacOS etc.
> >
> > --
> > Archive at http://www.open.com.au/archives/catool/
> > Announcements on catool-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe catool' in the body of the message.
>
> --
> Archive at http://www.open.com.au/archives/catool/
> Announcements on catool-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe catool' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/catool/
Announcements on catool-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe catool' in the body of the message.

More information about the catool mailing list