(CATOOL) Re: CATool question
Mike McCauley
mikem at open.com.au
Mon Sep 5 20:36:01 CDT 2005
Hello Bon,
On Tuesday 06 September 2005 11:08, Bon sy wrote:
> Hi Mike,
> I am ready to close this case. This is what we found out:
>
> 1. The "Install" script reads the "Defs" file for the definition of the
> root certificate during the installation. We set it for 365 days with the
> expectation that we could renew it upon expiration. However, this is not
> how CATool will work. CATool does not allow renewal of root certificate.
> CATool also allows _only_ one root certificate. The details of the root
> certificate is defined via "Defs" file and is created
> only during the installation phase.
Correct.
Root certificate renewal is on our to-do list.
>
> 2. There is also a bug on the permissible lifetime of the root
> certificate in CATool. If one sets the lifetime of the root certificate
> for 40 years (or more), the root certificate will not have the correct
> expiration date. It works for a lifetime of 30 years but we did not try
> any lifetime period between 30 and 40 years.
OK, thanks for reporting that.
>
> 3. We also try to see whether the problem and/or the behavior of the
> CATool will be the same on SUSE Linux. But unfortunately we encountered
> the following error during the installlation and were not able to go
> further:
> Catool::X509::CertificateInfo: could not extract serial number from cert
> listing at bin/load_ca_cert line 31
> Did anyone successfully install CATool in SUSE 9.x?
>
There are a number of recent fixes for various compatibility issues, including
various versions of Linux and recent versions of OpenSSL.
Details at:
http://www.open.com.au/catool/history.html
Cheers.
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
--
Archive at http://www.open.com.au/archives/catool/
Announcements on catool-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe catool' in the body of the message.
More information about the catool
mailing list