Sunday, May 22, 2011

OpenCA tutorial

Install OpenCA tutorial

#yum install -y openssl-devel db4 db4-devel mysql-server mysql-devel perl-XML-Parser httpd
# rpm -Uvh openca-tools-1.3.0-1.el5.i386.rpm
# tar xvf openca-base-1.1.1.tar.gz
# cd openca-base-1.1.1
# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create database openca;
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON *.* TO 'openca'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)

# mysql -u openca -p

./configure --prefix=/opt/openca \
                 --with-ca-organization="HBN CA Labs" \
                 --with-httpd-fs-prefix=/var/www \
                 --with-httpd-main-dir=pki \
                 --with-db-name=openca \
                 --with-db-host=localhost \
                 --with-db-user=openca \
                 --with-db-passwd=123456 \
                 --with-db-type=mysql \


make install-offline install-online

# service httpd restart

#cd /opt/openca/etc/openca
#vim access_control/node.xml.template
#vim access_control/ca.xml.template
#vim access_control/ra.xml.template
#vim config.xml
#cd /usr/sbin/
#ln -s /opt/openca/etc/init.d/openca openca

1 /opt/openca/lib/openca/perl_modules/perl5/OpenCA/

ERROR: Bareword "ERR_USER_STATUS_UNKNOWN" not allowed while "strict subs" in use at /opt/openca/lib/openca/perl_modules/perl5/OpenCA/ line 373, line 275.


+ use constant ERR_USER_STATUS_UNKNOWN => [ 3100, "Could not determine user status" ];

2 /opt/openca/lib/openca/functions/initServer

 ERROR: Global symbol "$curr_user" requires explicit package name at /opt/openca/lib/openca/functions/initServer line 269, line 275.

 Added: variable declaration:

 - our (%AUTOCONF, $common_libs, $config, $users, $loginUser);

+ our (%AUTOCONF, $common_libs, $config, $curr_user, $users, $loginUser);

 ERROR:  syntax error at /opt/openca/lib/openca/functions/initServer line 753, near ");"


-  i18nGettext ( "OpenCA::User init error!" );

+ i18nGettext ( "OpenCA::User init error!" )

or Download at:
# cd /usr/sbin/
# ln -s /opt/openca/etc/init.d/openca openca
#openca start
Txt file:
Install OpenCA:

Initializate Root CA:

Initializate Sub CA:

Using to sign and encrypt email:

Using for SSL:

Or full:
Thanks for reading
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.  


Young Lad said...

Hello Kendy,

Useful Tutorial, but may I ask what are you trying to do exactly?

I have a project to setup a simple file download system for users with OpenCA authentication by peers. Can you point me where to start? I can't find any PHP scripts out there that use OpenCA.

Tomasz Halapacz said...

Thanks for the videos. Very helpful.

Wafa Ben Hamouda said...

hi, thank you for the tuto but it can't find OpenCA/Tools when doing openca restart


I get the following error when I try to get access to openCA through web interface
OpenCA Error: Server is not online or does not accept requests (/etc/openca/var/openca/tmp/openca_socket - /etc/openca/var/openca/tmp/openca_socket). 0

Anonymous said...

thanks you for the video
please i want to install openca on fedora 23, how do much?
my contact is /

Install Xposed Inspector and Frida on Genymotion

Today i had some work with android. So i need trace application. I found 2 nice tool can help me: Xposed Inspector and Frida. To setup ther...