HELP!!!! mod_tsa:could not load X.509 certificate

Fri, 18 Feb 2011 01:44:51 -0800 

Hello!
I have days trying to install the timestamp service with openTSA, but I have
troubles with Step 14: Generate a private key and a certificate Including
the critical TimeStamping X.509v3 extended key usage extension for the TSA
and set-up options in the configuration mod_tsa httpd.conf, see the
documentation for the available mod_tsa mod_tsa-specific directives.

In the tsa.conf I have:

<IfModule mod_tsa.c>

<Location /tsa>
    SetHandler tsa
    Order allow,deny
    Allow from all
</Location>

 TSASerialFile conf/tsaserial

# TSACryptoDevice builtin

 TSACertificate /root/tssCRT.pem

#TSACertificateChain /home/ca_certs

TSAKey /root/tssKey.pem

TSAKeyPassPhrase Off

TSADefaultPolicy 1.1.2

TSAPolicies 1.1.3 1.1.4

TSAMessageDigests sha1 md5

TSAAccuracy 60 0 0

TSAClockPrecisionDigits 0

TSAOrdering Off

TSAIncludeName On

TSAESSCertIdChain On

# TSADBModule None

# TSAMySQLHost localhost

# TSAMySQLPort 3306

# TSAMySQLUnixSocket /tmp/mysql.sock

# TSAMySQLUser zglozik

# TSAMySQLDatabase tsa

# TSAMySQLPassPhrase On

# TSAFireBirdHost localhost

# TSAFireBirdPort 3306

# TSAFireBirdUnixSocket /tmp/firebird.sock

# TSAFireBirdUser SYSDBA

# TSAFireBirdDatabase tsa

# TSAFireBirdPassPhrase On

# TSAPostgreSQLHost localhost

# TSAPostgreSQLPort 5432

# TSAPostgreSQLUser www

# TSAPostgreSQLDatabase tsa

# TSAPostgreSQLPassPhrase On

</IfModule>

In the httpd.conf I have:

LoadModule tsa_module         /usr/lib/apache2/modules/mod_tsa.so
LoadModule ssl_module         /usr/lib/apache2/modules/mod_ssl.so

Include /root/mod_tsa/tsa.conf

ServerName Localhost

In my apache log gives the following error:

[Thu Feb 17 19:23:09 2011] [notice] mod_tsa:database driver is set to: None
[Thu Feb 17 19:23:09 2011] [warn] Init: Session Cache is not configured
[hint: SSLSessionCache]
[Thu Feb 17 19:23:09 2011] [warn] module tsa_module is already loaded,
skipping
[Thu Feb 17 19:23:09 2011] [warn] module tsa_module is already loaded,
skipping
[Thu Feb 17 19:23:09 2011] [notice] mod_tsa:re-initialization started
[Thu Feb 17 19:23:09 2011] [notice] mod_tsa:serial file is re-used:
/etc/apache2/conf/tsaserial
[Thu Feb 17 19:23:09 2011] [notice] mod_tsa:crypto device is set to: builtin
[Thu Feb 17 19:23:09 2011] [error] mod_tsa:could not load X.509 certificate:
/root/tssCRT.pem
[Thu Feb 17 19:23:09 2011] [error]
mod_tsa:1510:error:2F083075:lib(47):func(131):reason(117):ts_rsp_sign.c:206:
[Thu Feb 17 19:23:09 2011] [emerg] exiting, fatal error during mod_tsa
initialisation.

They know that I can be doing wrong?
Appreciate your help.
And not know what else to do, and create the certificate with extension for
Time Stamping.

Thanks!

Reply via email to