Home Help Center

IceSSL setup ca with python tools

tkriegertkrieger Member Thomas KriegerOrganization: Analytic Pipe GmbHProject: BISS
Hi,

i try to create an CA for my IceSSL Plugin usage but everytime i try to use an
different dn for the CA certificate which is filled with more information i get an error:

[[email protected] ca]# python initca.py --overwrite
This script will initialize your organization's Certificate Authority (CA).
The CA database will be created in /opt/ca/ca
Warning: running this command will destroy your existing CA setup!
Do you want to continue? (y/n)y
The subject name for your CA will be
CN=Grid CA , O=GridCA-localhost.localdomain
Do you want to keep this as the CA subject name? (y/n) [y]n
Country name:Germany
Common name:TEST CA
Locality:Somewhere
Organization name:KIM
State or province name:
Organization unit name:
The subject name for your CA will be
C=Germany , CN=TEST CA , L=Somewhere , O=KIM
Do you want to keep this as the CA subject name? (y/n) [y]
Enter the email address of the CA: [email protected]
Generating configuration files... ca.cnf sign.cnf req.cnf ok
Generating a 2048 bit RSA private key
......+++
.................+++
writing new private key to '/opt/ca/biss/ca/db/ca_key.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
problems making Certificate Request
11452:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:maxsize=2
openssl command failed
[[email protected] ca]#

Seems the error depends on the length of the dn.

Hope someone can help me!

Thanks in advance

Thomas Krieger

Comments

  • matthewmatthew NL, CanadaMember Matthew NewhookOrganization: ZeroC, Inc.Project: Internet Communications Engine ✭✭✭
    The country name can only be two characters. You should use the ISO 3166 abbreviation which can be found here.
Sign In or Register to comment.