Re: [Pki-users] cloning a CA fails

Hello, in the meantime i got it working. The problem was the master CA setup: after instantating the ca the certs have been replaced by the certs from another instance - but the entires clone*.privkey.id <http://privkey.id> had not been updated. After recognizing this I only had to match the (unsigned) output of certutil -K with the (signed) params in CS.cfg. I did this by inserting some "System.out.println" into com.netscape.cmsutil.crypto.CryptoUtil findPrivateKeyFromID() and patching the new .class-File into the .jar-file. Watching the catalina.out while trying to clone the ca gave then all needed infos. Another fresh install after that completed without problems. Yours, Alexander Jung _______________________________________________ Pki-users mailing list Pki-users(a)redhat.com https://www.redhat.com/mailman/listinfo/pki-users