Ticket #2256 (closed defect: worksforme)
Cannot revoke CA authority certificate
| Reported by: | Lox | Owned by: | ejhernandez@… |
|---|---|---|---|
| Milestone: | 2.0.X | Component: | ca |
| Severity: | blocker | Keywords: | |
| Cc: |
Description
Subject says it all. I click revoke and it is still there.
But I think it has removed it somewhere because when I try to download and openvpn client bundle it gives an error about missing CA certificate.
So, now, I simply can't use OpenVpn? to connect to my office remotely.
Attachments
-
Capture.png
(50.3 KB) -
added by anonymous 3 years ago.
-
ebox.log
(1.3 KB) -
added by lox 3 years ago.
Change History
comment:1 Changed 3 years ago by jsoriano@…
- priority changed from highest to normal
- Type changed from defect to enhancement
- Severity changed from blocker to major
- Milestone set to 2.0.X
comment:2 Changed 3 years ago by Lox
- Type changed from enhancement to defect
- Severity changed from major to blocker
Hello,
How do I create a new CA certificate? I don't have that option anymore, I can only create "child" certificates.
After revoking it, it still appears as active and valid in Zentyal web UI. I can create new "child" certificates but whenever I try to
- revoke it
- renew it
- download a vpn bundle
It says the CA certificate doesn't exists.
Please help me solve that I am blocked. I can't use VPN or connect to Zentyal cloud.
Regards
comment:3 Changed 3 years ago by jsoriano@…
- Status changed from new to closed
- Resolution set to worksforme
Ok, I see the problem now, I've done some tests and I haven't been able reproduce this failure.
Did you only revoked the certificate using Zentyal GUI or you also deleted something by hand?
Could you please attach your ebox.log after trying to revoke the certificate again?
Thanks.
comment:4 Changed 3 years ago by lox
- Status changed from closed to reopened
- Resolution worksforme deleted
I have done nothing by hand.
Here is the ebox.log:
LINE 1: SELECT rfc931 AS username, remotehost AS ip, domain_from_url...
HINT: No function matches the given name and argument types. You might need to add explicit type casts. 2010/09/16 10:17:09 DEBUG> PgDBEngine.pm:311 EBox::PgDBEngine::query - Error querying data: SELECT rfc931 AS username, remotehost AS ip, domain_from_url(url) AS domain, event, code, SUM(bytes) AS bytes, COUNT(event) AS hits FROM squid_access WHERE (squid_access.timestamp >= '2010-9-1 00:00:00' AND squid_access.timestamp < date '2010-9-01 00:00:00' + interval '1 month') GROUP BY username, ip, domain, event, code ; , ERROR: function domain_from_url(character varying) does not exist LINE 1: SELECT rfc931 AS username, remotehost AS ip, domain_from_url...
HINT: No function matches the given name and argument types. You might need to add explicit type casts. 2010/09/16 10:17:11 INFO> Service.pm:670 EBox::Module::Service::restartService - Restarting service for module: events 2010/09/16 10:17:14 INFO> EventDaemon?.pm:301 EBox::EventDaemon::_loadModules - EBox::Event::Watcher::EBackup loaded from registeredEvents 2010/09/16 10:17:14 INFO> EventDaemon?.pm:301 EBox::EventDaemon::_loadModules - EBox::Event::Dispatcher::Log loaded from registeredDispatchers
comment:5 Changed 3 years ago by blah2948@…
- Summary changed from Cannot revoke CA authority certificate to This is the titles hahadggdsgg
comment:6 Changed 3 years ago by jacalvo@…
- Summary changed from This is the titles hahadggdsgg to Cannot revoke CA authority certificate
Hi,
If you are not using the same CA anymore, youll need to distribute new bundles for your users. For that you can create a new CA and a new VPN and generate the bundles from this one.
Anyway we'll review the behaviour of Zentyal for this case.
Thanks for reporting.