They are Gemalto smartcards. I can enroll users successfully, but to
enroll security officer (SO) who is capable of managing user-tokens is
the problem.
From: Julius Adewumi
-----Original Message-----
From: pki-users-bounces(a)redhat.com [mailto:pki-users-bounces@redhat.com]
On Behalf Of John Magne
Sent: Monday, July 13, 2009 12:53 PM
To: Adewumi, Julius-p99373
Cc: pki-users(a)redhat.com
Subject: Re: [Pki-users] Error 7 in SOkey enrollment
Just curious, what type of token are you trying?
----- Original Message -----
From: "Julius-p99373 Adewumi" <Julius.Adewumi(a)gdc4s.com>
To: pki-users(a)redhat.com
Sent: Monday, July 13, 2009 10:15:46 AM GMT -08:00 US/Canada Pacific
Subject: [Pki-users] Error 7 in SOkey enrollment
Error 7 in SOkey enrollment
Has anyone familiarity with the following VFY_CreateContext() failure or
the verifyProof failure who can shed some light on what is going on,
config or software release version --suspect is certEnroll()?
Here is a section of the log:
-------------------------------------------
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment -
Successfully read public key buffer
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment -
public_key = (length='271')
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 00 8b
00 01 04 00 00 80 8d aa
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - cc 88
8d f5 b5 ae 93 72 9c ec
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 60 c7
3c a8 65 f8 09 62 65 b7
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 95 8a
fe 5e 75 7e 00 2c ad 06
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 15 c3
ad 3f 96 39 c9 78 d8 73
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 07 92
3e 39 d9 3e 88 63 3b 18
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - de 76
6d 33 ec 49 53 25 ce 9c
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 5b 55
70 fe 4b 60 a0 f9 8a 75
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 29 9e
90 ac 87 9e fc 2b 1a 55
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - c9 04
00 21 ea 5c e1 f0 2f 0d
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 72 49
38 47 96 51 3d f2 ab 06
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 6e 9f
e8 93 e6 22 9b dc ab 3a
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - eb 80
d1 8d 5b 68 b1 6f 66 1b
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 3a 3d
5d 75 e9 87 00 03 01 00
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 01 00
80 5f a0 76 96 30 ff 55
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - db d5
4e b5 ed 4e 82 c9 8c d9
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - a7 56
0b bd fd e7 b2 34 c9 50
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - fa 2a
19 88 99 89 a6 80 39 5c
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - ed 89
a8 c8 17 52 b7 04 eb 25
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 91 b9
35 bd d9 e8 6e 5c 0b 7c
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 0a 80
bd 3f fc f4 20 a8 b6 61
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 49 0b
9f 0e c6 8b a5 8c 60 e7
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - d2 46
91 86 93 2f 6c 9d 56 62
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 30 33
79 84 ba 4d b5 60 14 87
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 03 8d
cd 17 85 a0 bc 02 21 ff
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 5c fe
71 cf fd f2 2b 7f 68 bb
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 1e 38
26 33 96 ff e2 48 66 ef
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - 57
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment -
challenge size=16
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::process - challenge =
(length='16')
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::process - c9 1f 72 35
21 17 90 5a ed ce
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::process - dd a5 c6 9d
ad 51
[2009-07-01 16:35:52] b5b5710 AP_Session::WriteMsg - Sent
's=69&msg_type=14¤t_state=73&next_task_name=PROGRESS_PARSE_PUBLIC_
KEY'
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - About
to Parse Public Key
[2009-07-01 16:35:52] b5b5710 CertEnroll::verifyProof -
VFY_CreateContext() failed
[2009-07-01 16:35:52] b5b5710 CertEnroll::ParsePublicKeyBlob - verify
proof failed
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::DoEnrollment - Failed
to parse public key
[2009-07-01 16:35:52] b5b5710 RA_Enroll_Processor::GenerateCertificate -
Got a status error from DoEnrollment: 7
[2009-07-01 16:35:53] b5b5710 AP_Session::WriteMsg - Sent
's=42&msg_type=13&operation=1&result=1&message=7'
----------------------------------------
The config seems to show that Private Key is to be generated on the
Token for SO mode (Security Officer Mode enrollment). It is during this
Private Key generation that this failure occurs each time. Any input
will help. The lkast line of the log is where Error 7 was spawned.
From: Julius Adewumi
@GDC4S.com
Ph:480-441-6768
Contract Corp:MTSI
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users