-- TariraiChani - 24 Apr 2009
Installing OpenCA 0.92
It is advisable to use CPAN to install Perl modules to avoid headaches.
Avoid using openssl 0.9.8 with OpenCA, as highlighted here:
http://www.mail-archive.com/openca-users@lists.sourceforge.net/msg07453.html
1. Downloaded the tarball from
http://ftp.openca.org/openca/old/0.9.2/openca-0.9.2.5.tar.gz
2. Used the OpenCA 0.92 cookbook written by Kevin Mitcham, found here:
http://www.mail-archive.com/openca-users@lists.sourceforge.net/msg05421.html
3. Installation was run as the root user (probably more appropriate to install as the openca user). The ./configure script for installing the RA was edited in the following areas:
--with-httpd-user=openca \
--with-httpd-group=openca \
All the other parameters were copied and pasted as is from the cookbook.
3.a) The following error was encountered during "make":
cd ocspd && make
make[4]: Entering directory `/home/tarri/openca0.92/OpenCA-0.9.2.5/src/ocspd'
Making all in src
make[5]: Entering directory `/home/tarri/openca0.92/OpenCA-0.9.2.5/src/ocspd/src'
gcc -DPACKAGE_VERSION=\"0.5.1\\x0\" -D_USE_SEMAPHORES=1 -I../include -I/usr/kerberos/include -g -O2 -c ocspd.c
ocspd.c: In function ‘main’:
ocspd.c:229: warning: incompatible implicit declaration of built-in function ‘strlen’
ocspd.c:248: warning: incompatible implicit declaration of built-in function ‘strcpy’
ocspd.c:314: warning: incompatible implicit declaration of built-in function ‘memset’
ocspd.c:541: warning: incompatible implicit declaration of built-in function ‘strstr’
gcc -DPACKAGE_VERSION=\"0.5.1\\x0\" -D_USE_SEMAPHORES=1 -I../include -I/usr/kerberos/include -g -O2 -c ocsp_response.c
In file included from /usr/include/openssl/pqueue.h:65,
from /usr/include/openssl/dtls1.h:64,
from /usr/include/openssl/ssl.h:998,
from ocsp_response.c:12:
/usr/include/string.h:38: error: expected declaration specifiers or ‘...’ before ‘(’ token
/usr/include/string.h:38: error: expected declaration specifiers or ‘...’ before ‘(’ token
/usr/include/string.h:38: error: expected declaration specifiers or ‘...’ before ‘(’ token
/usr/include/string.h:43: error: expected declaration specifiers or ‘...’ before ‘(’ token
/usr/include/string.h:43: error: expected declaration specifiers or ‘...’ before ‘(’ token
/usr/include/string.h:43: error: expected declaration specifiers or ‘...’ before ‘(’ token
/usr/include/string.h:293: error: conflicting types for ‘bcopy’
/usr/include/string.h:44: error: previous declaration of ‘bcopy’ was here
make[5]: *** [ocsp_response.o] Error 1
make[5]: Leaving directory `/home/tarri/openca0.92/OpenCA-0.9.2.5/src/ocspd/src'
make[4]: *** [all-recursive] Error 1
make[4]: Leaving directory `/home/tarri/openca0.92/OpenCA-0.9.2.5/src/ocspd'
make[3]: *** [ocspd] Error 2
make[3]: Leaving directory `/home/tarri/openca0.92/OpenCA-0.9.2.5/src'
make[2]: *** [__install_dir] Error 2
make[2]: Leaving directory `/home/tarri/openca0.92/OpenCA-0.9.2.5/src'
make[1]: *** [src] Error 2
make[1]: Leaving directory `/home/tarri/openca0.92/OpenCA-0.9.2.5'
make: *** [__install_dir] Error 2
Solution: Disabled ocsp (i.e. deleted it from the configure script), to be installed later, as advised here:
http://www.mail-archive.com/openca-users@lists.sourceforge.net/msg08050.html
3.b) The ./configure script for installing the CA was edited in the following areas:
--with-httpd-user=openca \
--with-httpd-group=openca \
All the other parameters were copied and pasted as is from the cookbook.
4. Created the DB and tested it; no problems encountered. MySQL DB passwords:
root: new-password
openca db: openra
5. Edited httpd.conf as indicated by simply copying and pasting (ScriptAliases section) and saving the changes.
6. Edited config.xml for the RA, located in /usr/local/openra/openca/etc. Only configured the RA organisation, locality and country. The rest is to be edited when appropriate, or when the installation is working well ;)
7. Edited config.xml for the CA as indicated in the cookbook.
The dataexchange section was present in the config.xml file for the CA and was edited as indicated; as a result, the following part of the cookbook was omitted:
{
if the dataexchange device section is not in config.xml, go to
/usr/local/openca/openca/servers and look at ca-node.conf.template and
ca.conf.template
(/usr/local/openca/openca/etc/servers/ca.conf.template)
line EXPORT_IMPORT_DOWN_DEVICE "/dev/fd0"
to EXPORT_IMPORT_DOWN_DEVICE "/usr/local/openca/openca/var/tmp/ca-down"
line EXPORT_IMPORT_LOCAL_DEVICE "/dev/fd0"
to EXPORT_IMPORT_LOCAL_DEVICE "/usr/local/openra/openca/var/tmp/ra-local"
ra-node.conf.template needs similar updates, as well
ra IMPORT UP DEVICE should be the exact same file as the CA IMPORT_DOWN_DEVICE
}
8. Edited /usr/local/openca/openca/etc/access_control/ca-node.xml.template
and /usr/local/openca/openca/etc/access_control/ca.xml.template as indicated in the cookbook. If this is not done, a keylength error is encountered at runtime!
9. Run configure_etc.sh in /usr/local/openra/openca/etc and follow the instructions in the cookbook.
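
A pre-flight check for the data-exchange settings in step 7, added here as an example and not part of the original notes or the cookbook: it verifies that no exchange device still points at /dev/fd0 and that the RA's up device is the same file as the CA's down device. The key name EXPORT_IMPORT_UP_DEVICE and the sample file contents are assumptions, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the cookbook. Assumes conf lines of the form
#   KEY "value"
# as quoted in step 7; EXPORT_IMPORT_UP_DEVICE is an assumed key name.

# get_device FILE KEY: print the value of KEY (last occurrence wins).
get_device() {
    awk -v k="$2" '$1 == k { gsub(/"/, "", $2); v = $2 } END { print v }' "$1"
}

# check_exchange CA_CONF RA_CONF: return 0 only if neither file still uses
# the floppy default and the RA's up device is the CA's down device.
check_exchange() {
    rc=0
    for f in "$1" "$2"; do
        if grep -Eq '^[[:space:]]*EXPORT_IMPORT_[A-Z]+_DEVICE[[:space:]]+"/dev/fd0"' "$f"; then
            echo "FAIL: $f still points an exchange device at /dev/fd0"
            rc=1
        fi
    done
    ca_down=$(get_device "$1" EXPORT_IMPORT_DOWN_DEVICE)
    ra_up=$(get_device "$2" EXPORT_IMPORT_UP_DEVICE)
    if [ -z "$ca_down" ] || [ "$ca_down" != "$ra_up" ]; then
        echo "FAIL: CA down device '$ca_down' differs from RA up device '$ra_up'"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: CA and RA exchange through $ca_down"
    return "$rc"
}

# Constructed sample files: the CA side is edited, the RA side is not yet.
demo=$(mktemp -d)
printf '%s\n' 'EXPORT_IMPORT_DOWN_DEVICE "/usr/local/openca/openca/var/tmp/ca-down"' > "$demo/ca.conf"
printf '%s\n' 'EXPORT_IMPORT_UP_DEVICE "/dev/fd0"' > "$demo/ra.conf"
check_exchange "$demo/ca.conf" "$demo/ra.conf" || echo "RA side still needs editing"
```

Point the two arguments at the generated CA and RA node configuration files once the templates have been edited.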