CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


I assume you did start the cosignd program? It can be useful to start the
cosignd program with the -d switch (which prevents it working... and it
prints some nice debugging info to the terminal)


-----Original Message-----
From: ?? [mailto:chen_kuang@xxxxxxx] 
Sent: Tuesday, 3 August 2004 10:15 p.m.
To: brett lomas
Subject: Re: 

Hi Brett,
I reinstall my CA, rehash the CA cert and test it ok with "openssl verify".
Then I can run "consignd -h -x /var/cosign/certs/CA -y
/var/cosign/certs/server.pem -z /var/cosign/certs/serverkey.pem"

It seems to be ok. But when I login from browser--"";,
it's still to display "Error:But not your fault:we were unable to contact
the authentication server.please try again later." I try to find error log
from /var/log/messages or /var/log/boot, but there is nothing about cosign.
Can you give me some good advice or some notes about the weblogin installion
in detail?

Thank you for your patience.

> Hey,
> Cosignd will most of it stuff to /var/log/messages, but also logs to
> /var/log/boot (LOCAL7).
> You will need to install the CA you used to sign the certificate
> into the /var/cosign/certs/CA dir. You will need to use the rehash command
> (I think that's what it is called) to get the hashed values of the CA
> This will be the filename, e.g.:
> openssl x509 -in [your CA cert] -hash -noout
> this will output something like:
> e30cf3fd
> so copy your cert into /var/cosign/certs/CA/e30cf3fd.0
> Brett

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010