Skip to Content.
Sympa Menu

en - [sympa-users] Problem with Load Cert in WWSympa GUI

Subject: The mailing list for listmasters using Sympa

List archive

[sympa-users] Problem with Load Cert in WWSympa GUI

Chronological Thread  
    < Chronological >       < Thread >
  • From: Chuck Okerstrom <address@concealed>
  • To: address@concealed
  • Subject: [sympa-users] Problem with Load Cert in WWSympa GUI
  • Date: Thu, 08 May 2008 16:14:47 -0400

I'm attempting to setup sympa 5.3.2 and I cannot seem to get the S/MIME list functionality to operate as expected. At this point, I'm having problems with importing or downloading a certificate from the WWSympa GUI link. After performing the operations to install a cert for a specific list, the link to "Load Cert" shows up as expected, but does nothing. In /var/log/messages, I get...

May 8 15:28:55 listerine wwsympa[62142]: List::get_cert() x509 -in /usr/local/sympa/expl/t2/cert.pem -outform DER|
May 8 15:28:55 listerine wwsympa[62142]: List::get_cert() List::get_cert(): Unable to open get /usr/local/sympa/expl/t2
/cert.pem in DER format:

... and I'm unable to get this error to change, no matter what I do:

- Tried manually putting normal PEM cert & key in list home directory
- Tried several different types of cert & key type combinations
- Tried converting cert & key to p12 format and then using p12topem.pl script to install the certs
- Tried all kinds of file and path access rights settings to ensure sympa user does have access
- Tried manually converting cert into DER format manually, using...
openssl x509 -in cert.pem -outform DER
... which seems to work just fine.
- Triple verified sympa.conf settings (shown below)
- Searched the List Archives, FAQ, and googled, but nada!

The list does seem to harvest public certs from signed e-mails and from the debug.log messages, seems to verify the signatures. But no error messages are placed in the debug.log file for the "Load Cert" problem.
One other point... I'm currently "playing" with self signed certs, so it's possible I'm getting the cert formatting incorrect or some other stupid user issue, but from all I've read and the fact that I can successfully convert my existing cert & key to the p12 format and use the p12topem.pl script to install them, I don't see how, but mayhaps someone can enlighten me.

So, anyone out there have any suggestions of where to start looking in order to solve this issue? Any hints or suggestions would be appreciated.
Thanx,

Chuck




sympa.conf - SSL specific settings:
==============================
openssl /usr/bin/openssl
capath /usr/local/etc/sympa/ssl
cafile /usr/local/etc/sympa/ssl/ca-bundle.crt
ssl_cert_dir /usr/local/sympa/expl/X509-user-certs
key_passwd XXXXXXXX



  • [sympa-users] Problem with Load Cert in WWSympa GUI, Chuck Okerstrom, 05/08/2008

Archive powered by MHonArc 2.6.19+.

Top of Page