3. Installation Issues

3.1. FreeBSD and OpenCA

FreeBSD and potentially several other BSDs use an own make. Nearly the complete development of OpenCA is done on Linux. The result is that our makefiles works perfectly with GNU make but there are several unresolved problems with FreeBSD because we cannot test and fix on FreeBSD. The solution is to add GNU make to configure. You can do this this way: Please check Makefile.global_vars to include the correct setting of MAKE. If the correct setting of make is missing then please add the following line: GNU make is fully tested with OpenCA.

3.2. What is a hierarchy level?

OpenCA includes some protection mechanism to avoid state injections during the dataexchange. Therefore you have to configure the level at which OpenCA performs the dataexchange, so that ./configure can make a good preconfiguration. This is only correct for 0.9.1. 0.9.2+ uses OPENCADIR/etc/config.xml to configure the dataexchange.

  1. If you export from a public area to a server with the RA then must use pub.

  2. If you export from a server with a RA to a server with a CA then you have to use ra.

  3. If you export from a server with a RA to a server with a public interface then you have to use ra.

  4. If you export from a server with a CA to a server with a RA interface then you have to use ca.

  5. If you have another case then you have to chosse one of the above defined options and then you have to edit the options for the dataexchange manually like described in the administrator guide.

3.3. Undefined subroutine &main::xyz

Usually the errortext is a little bit more descriptive and looks like this:

Example C.3. Full errormessage for missing functions

[Thu Oct 09 14:50:52 2003] [error] [client 127.0.0.1] Undefined
subroutine &main::configError called at /var/www/cgi-bin/ca/ca line 86.,
referer: http://localhost/htdocs/ca/ 

The reason for such an error is a missing library - in this case misc-utils.lib. There is only one well-known error - you used --enable-package-build as configure option. This happens if somebody uses a configure example which is used for package builds. The disables the installation of all common software parts like modules, libraries and configuration files. If you configure again without --enable-package-build and then run make install-xyz again then all libraries should be present.

3.4. Symbolic link installaton failed

Several user observed that OpenCA 0.9.1.x installation failed during the installation of symbolic links for commands. The errormessage simply reports an already present symbolic link.

Example C.4. Already present symbolic link

 make[8]: Entering directory
`/home/linux/tar/openca-0.9.1.2/src/web-interfaces/ca/cmds'
cd /usr/local/openca.0.9.2/openca/lib/servers/ca/cmds; \
        ln -s ../../../cmds/add_module
ln: `./add_module': File exists
make[8]: *** [/usr/local/openca.0.9.2/openca/lib/cmds/add_module] Error 1
make[8]: Leaving directory
...
make[1]: Leaving directory `/home/linux/tar/openca-0.9.1.2'
make: *** [install-ca] Error 2 
The reason for this failure is a defect symbolic link. The makefile removes an already present symbolic link only if the symbolic link is correct. If the target of the symbolic link doesn't exist then the symbolic link is not removed and the error occurs.

3.5. After the installation all common parts are missing

If the command make install-* doesn't report an error and after the installation all common parts like modules, configuration, libraries, openca-sv and commands are missing then please check your configure options. Sometimes the people simply copying our configuration examples without noticing that some of these examples are used for package creation. These examples include an option --enable-package-build. This option prevents all common stuff from installation to build better packages.