Using the patched version of openscep maintained on Tomas Gustavsson-2 website as a base ( and applied a few other patches mentioned in this maillist ), I managed to get openscep compiled. But after setting up, I tried running 'scep' to test it, the scep will segmentation fault :-
init.c:103: added oid 2.16.840.1.113733.1.9.6 for name recipientNonce
init.c:103: added oid 2.16.840.1.113733.1.9.7 for name transId
init.c:103: added oid 2.16.840.1.113733.1.9.8 for name extensionReq
init.c:103: added oid 1.3.6.1.4.1.4263.5.5 for name proxyAuthenticator
init.c:127: scep structure initialized
scep.c:340: decoded URL 192.168.188.3|80|/cgi-bin
scep.c:131: public key decoded
Enter PEM pass phrase:
scep.c:150: private key decoded @0x80565f0
scep.c:363: end request coincides with SCEP client
fingerprint.c:70: computing MD5 fingerprint
fingerprint.c:59: the fingerprint is 'A296893BA9F1DE62DE18D4922E4863B2'
scep.c:396: transaction ID is A296893BA9F1DE62DE18D4922E4863B2
scep.c:405: CA certificate read
selfsigned.c:56: serial set to trans id
selfsigned.c:112: setting signing context failed
selfsigned.c:142: self signed certificate ......
scep.c:530: self signed certificate created
scep.c:538: senderNonce set
encode.c:40: encode of client message
encode.c:62: using CA cert for recipient
encode.c:66: using self signed cert for signature
encode.c:98: writing a message of type PKCSReq, status (not set)
encode.c:128: converting X509 request
encode.c:163: payload to encrypt: 471 bytes
Segmentation Fault.
It appears to be that the port of OpenSCEP isn't quite ported well to OpenSsl 0.9.8. Wonder if anyone has a copy which works ?
Regards.
