(CATOOL) Re: CATool question

Mike McCauley mikem at open.com.au
Mon Sep 5 20:36:01 CDT 2005 

Hello Bon,

On Tuesday 06 September 2005 11:08, Bon sy wrote:
> Hi Mike,
> 	I am ready to close this case. This is what we found out:
>
> 1. The "Install" script reads the "Defs" file for the definition of the
> root certificate during the installation. We set it for 365 days with the
> expectation that we could renew it upon expiration. However, this is not
> how CATool will work. CATool does not allow renewal of root certificate.
> CATool also allows _only_ one root certificate. The details of the root
> certificate is defined via "Defs" file and is created
> only during the installation phase.

Correct.
Root certificate renewal is on our to-do list.

>
> 2. There is also a bug on the permissible lifetime of the root
> certificate in CATool. If one sets the lifetime of the root certificate
> for 40 years (or more), the root certificate will not have the correct
> expiration date. It works for a lifetime of 30 years but we did not try
> any lifetime period between 30 and 40 years.

OK, thanks for reporting that.

>
> 3. We also try to see whether the problem and/or the behavior of the
> CATool will be the same on SUSE Linux. But unfortunately we encountered
> the following error during the installlation and were not able to go
> further:
> 	Catool::X509::CertificateInfo: could not extract serial number from cert
> 	listing at bin/load_ca_cert line 31
>   Did anyone successfully install CATool in SUSE 9.x?
>
 
There are a number of recent fixes for various compatibility issues, including 
various versions of Linux and recent versions of OpenSSL.
Details at:
http://www.open.com.au/catool/history.html

Cheers.


-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/catool/
Announcements on catool-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe catool' in the body of the message.

More information about the catool mailing list