| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: iAS 1.0 and SSL, and ".oid" files
I seem to have solved the problem by placing an organizational id into the
.oid field, and regenerating the private key
before generating the certification request
Ian MacGregor
Stanford Linear Accelerator Center
ian_at_slac.stanford.edu
-----Original Message-----
From: MacGregor, Ian A.
Sent: Friday, November 17, 2000 11:26 AM
To: Multiple recipients of list ORACLE-L
Subject: iAS 1.0 and SSL, and ".oid" files
As part of our migration path to 8i we are upgrading are Oracle application server from OAS 3.X... to iAS 1.0. This is necessary because the older one will not work on 8i, when a PL/SQL procedure has 20 or more arguments. I've installed the iAS, built DAD's, connected to the database; all is well. Except, I cannot generate a certificate request for Verisign. It complains of a missing ".oid" file. I don't know what that is; it it an organizational id? What was supposed to write it?
I have noticed that the default openssl.cnf file species that the .oid is
supposed to be found in a directory for which
the iAS software owner has no permissions. The reason why the software
owner has no permissions is the software owner is nobody. The nobody
account is reached via sudo and su. The default location for the .oid file
is the home directory of the original logged-in user. The parameter in
openssl.cnf can be changed, but I'm not sure what the .oid file should look
like.
If i make the parameter and put in a dummy .oid file, the .oid file is
found. Other problems arise, but I don't know if they're because of the
context of the .oid file or something else.
The present error messages
$ openssl req -new -key priv.key -out certreq.csr -config
$ORACLE_HOME/Apache/open_ssl/bin/openssl.cnf
Using configuration from
/u1/app/iAS/product/1.0/Apache/open_ssl/bin/openssl.cnf
Enter PEM pass phrase:
unable to load Private key
23631:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:106:
23631:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
decrypt:evp_enc.c:243:
The private key is present. "nobody" has permissions. It is able to locate
the file. I know this because I put a
non-existent file name as the -key argument. It then told me it couldn't
find the file.
Any ideas. Oracle support has had the problem since November 6. I am following the directions in Note 114444.1
Ian MacGregor
Stanford Linear Accelerator Center
ian_at_slac.stanford.edu
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: MacGregor, Ian A.
INET: ian_at_SLAC.Stanford.EDU
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists --------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may Received on Mon Nov 20 2000 - 10:47:37 CST
 |
 |