Xca

From ConShell
Jump to navigation Jump to search

Introduction

xca is a graphical application that runs on Linux, FreeBSD and Windows to manage certificates as a Certificate Authority.

To install Xca on Ubuntu you'll want to use v0.6.4 from Mark Foster's Launchpad - see his PPA page for instructions.

Compilation notes - CentOS 5 -- 2007-Nov-24

Host is c5. Version is 0.6.3

Prerequisites

yum install qt4 qt4-devel linuxdoc-tools openssl-devel

Build

Setting QTDIR explicitly 

[mdf@c5 xca-0.6.3]$ export QTDIR=/usr/lib/qt4
[mdf@c5 xca-0.6.3]$ CFLAGS="-Wall -g -I/usr/lib/qt4/include/Qt/" prefix=/tmp/foo ./configure

Configuring XCA 0.6.3
----------------------------
Found: Qt/qobject.h at /usr/lib/qt4/include

ERROR: The QT Library headerfiles were not found. Set QTDIR appropriately.

Found: libQtGui.so at /usr/lib/qt4/lib
Found: openssl/opensslv.h at /usr/include
Found: libcrypto.so at /usr/lib

The Versions of the used libraries are:
        OpenSSL 0.9.8b 04 May 2006
        QT: 4.2.1
GNU Make 3.81

A usable 'make' executable was found in /usr/bin/gmake

An error occured. Please edit 'Local.mak' manually if compiling fails.

$ prefix=/tmp/foo make
...
Ok, compilation was successfull. 
Now do as root: 'make install'

$ prefix=/tmp/foo make install

Even so... 

[mdf@c5 ~]$ xca
Locale:'C'; Prefix:'/usr/share/xca'
Segmentation fault

Must dig deeper.

Compilation notes - Ubuntu Jaunty - 2009-10-08

Trying to get xca-0.7.0 compiled. I removed two patch file brought over from the 0.6.4 build but still encounter this error. 

cc -I. -I.. -I/tmp/buildd/xca-0.7.0/ui -I/usr/include/qt4 -I/usr/include/qt4/Qt -g -O2  -c moc_db_base.cpp -o moc_db_base.o
ld -Wl,-Bsymbolic-functions  -r -o target.obj  db_crl.o  db_key.o  db_temp.o  db_x509.o  db_x509req.o  db_x509super.o  pki_base.o  db_base.o  asn1int.o  oid.o  pki_pkcs7.o  x509rev.o  asn1time.o  pass_info.o  pki_temp.o  x509v3ext.o  pki_x509.o  func.o  pki_crl.o  pki_x509req.o  load_obj.o  pki_key.o  pki_x509super.o  main.o  pki_pkcs12.o  x509name.o  db.o  import.o  pki_multi.o  moc_db_crl.o  moc_db_key.o  moc_db_temp.o  moc_db_x509.o  moc_db_x509req.o  moc_db_x509super.o  moc_pki_base.o  moc_db_base.o
ld: unrecognized option '-Wl,-Bsymbolic-functions'
ld: use the --help option for usage information
make[2]: *** [target.obj] Error 1
make[2]: Leaving directory `/tmp/buildd/xca-0.7.0/lib'
make[1]: *** [lib/target.obj] Error 2
make[1]: Leaving directory `/tmp/buildd/xca-0.7.0'
make: *** [build-stamp] Error 2

Resolution TBD.

Compilation notes - FreeBSD 6.2 Release - 2007-Jun-05

Note: host is fred

Added REPLACECMD to fix lib/import.cpp to NOT reference malloc.h but stdlib.h instead.

Create manual local.h (normally generated by configure, but we don't run that... it's broken on FreeBSD)


Need to remedy the problems seen in make... 

...
gmake -C doc
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/doc'
gzip -9 <xca.1 >xca.1.gz
B html xca.sgml
gmake[1]: B: Command not found
gmake[1]: [xca.html] Error 127 (ignored)
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/doc'
gmake -C lang
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/lang'
/usr/local/bin/lrelease-qt4 xca_de.ts -qm xca_de.qm
Updating 'xca_de.qm'...
    Generated 463 translations (461 finished and 2 unfinished)
    Ignored 67 untranslated source texts
/usr/local/bin/lrelease-qt4 xca_es.ts -qm xca_es.qm
Updating 'xca_es.qm'...
    Generated 62 translations (0 finished and 62 unfinished)
    Ignored 468 untranslated source texts
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/lang'


Need to remedy the problems seen in make install... 

# make install
===>  Installing for xca-0.6.3_1
===>   xca-0.6.3_1 depends on package: qt4>=4.2.3 - found
===>   Generating temporary packing list
===>  Checking if security/xca already installed
gmake -C ui headers
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/ui'
gmake[1]: Nothing to be done for `headers'.
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/ui'
gmake DEP=yes -C lib target.obj
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/lib'
gmake[1]: `target.obj' is up to date.
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/lib'
gmake DEP=yes -C widgets target.obj
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/widgets'
gmake[1]: `target.obj' is up to date.
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/widgets'
gmake DEP=yes -C img target.obj
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/img'
gmake[1]: `target.obj' is up to date.
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/img'
install -m 755 -d /usr/local/bin
install -m 755 xca /usr/local/bin
/usr/bin/strip /usr/local/bin/xca
for d in misc lang doc; do \
          gmake -C $d install; \
        done
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/misc'
install -m 755 -d /usr/local/share/xca/ \
                /usr/local/share/applications
install -m 644 *.txt *.xca /usr/local/share/xca
install -m 644 xca.desktop /usr/local/share/applications
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/misc'
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/lang'
install -m 755 -d /usr/local/share/xca
install -m 644 xca_de.qm xca_es.qm /usr/local/share/xca
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/lang'
gmake[1]: Entering directory `/usr/ports/security/xca/work/xca-0.6.3/doc'
B html xca.sgml
gmake[1]: B: Command not found
gmake[1]: [xca.html] Error 127 (ignored)
install -m 755 -d /usr/local/share/xca \
                /usr/local/man/man1
install -m 644 xca*.html /usr/local/share/xca
install: xca*.html: No such file or directory
gmake[1]: *** [install] Error 71
gmake[1]: Leaving directory `/usr/ports/security/xca/work/xca-0.6.3/doc'
gmake: *** [install] Error 2
*** Error code 2

Stop in /usr/ports/security/xca.

Compilation notes - Ubuntu Dapper - 2007-Apr-16

# aptitude install libssl-dev libqt4-dev
...
# ./configure
Configuring XCA 0.6.2
----------------------------
Found: Qt/qobject.h at /usr/include/qt4
Found: libQtGui.so at /usr/lib
Found: openssl/opensslv.h at /usr/include
Found: libcrypto.so at /usr/lib
The Versions of the used libraries are:
        OpenSSL 0.9.8a 11 Oct 2005
        QT: 4.1.2
GNU Make 3.81beta4

A usable 'make' executable was found in /usr/bin/make

# make
...
Ok, compilation was successfull.
Now do as root: 'make install'
# make install

Packaging notes - Ubuntu Feisty - 2007-Oct-03

See http://women.debian.org/wiki/English/PackagingTutorial and https://wiki.ubuntu.com/UbuntuDevelopment and DebianPackaging

I had to tweak the rules file to call configure command as just ./configure, because xca uses a non-standard configure script. Tweak the configure script. change prefix=/usr

Packaging notes - Ubuntu Hardy - 2008-08-11

Christian Hohnstädt is the author, working directory: ~/proj/xca/ 

 wget http://internap.dl.sourceforge.net/sourceforge/xca/xca-0.6.4.tar.gz
 mv xca-0.6.4.tar.gz xca_0.6.4.orig.tar.gz
 tar xzvf xca_0.6.4.orig.tar.gz
 cd xca-0.6.4/
 dh_make --copyright BSD --email mark@foster.cc --single

Now tweak...

  • debian/rules...
    • just ./configure (without all the arguments)
  • debian/copyright
  • debian/control
    • add libqt4-dev, openssl, linuxdoc-tools to Build-Depends:
  • debian/changelog
    • change unstable to hardy and anything else out of whack.
dpkg-buildpackage -S -us -uc -rfakeroot

Here I verified I have a valid gpg key using 

gpg --list-keys mark@foster.cc

and upload same just to be sure 

gpg --keyserver subkeys.pgp.net --send-key E0753E06

mdf@monk:~$ gpg --fingerprint E0753E06
pub   1024D/E0753E06 2007-10-03 [expires: 2009-10-02]
      Key fingerprint = 7A23 95FA 230A 45BF AEEB  D937 2D14 019A E075 3E06
uid                  Mark Foster (2007-Oct-2009 GPG key) <mark@foster.cc>
sub   2048g/6DDDECD7 2007-10-03 [expires: 2009-10-02]

Paste the fingerprint into Launchpad interface to submit the key.

Get the confirmation email, decrypt and click the link to confirm.

NOW I can sign the package when building. 

dpkg-buildpackage -S -sa -kE0753E06 -rfakeroot
sudo pbuilder create
sudo pbuilder build ../*.dsc
(snore....)

Here I get the usual x509rev.cpp error so often encountered in the past. 

...
gcc -I. -I.. -I/tmp/buildd/xca-0.6.4/ui -I/usr/include/qt4 -I/usr/include/qt4/Qt -g -O2  -c x509rev.cpp -o x509rev.o
x509rev.cpp: In constructor 'x509rev::x509rev(const X509_REVOKED*)':
x509rev.cpp:28: error: invalid conversion from 'void*' to 'char*'
x509rev.cpp:28: error:   initializing argument 3 of 'void* ASN1_dup(int (*)(void*, unsigned char**), void* (*)(void**, const unsigned char**, long int), char*)'
x509rev.cpp: In member function 'x509rev& x509rev::set(const X509_REVOKED*)':
x509rev.cpp:46: error: invalid conversion from 'void*' to 'char*'
x509rev.cpp:46: error:   initializing argument 3 of 'void* ASN1_dup(int (*)(void*, unsigned char**), void* (*)(void**, const unsigned char**, long int), char*)'
x509rev.cpp: In member function 'X509_REVOKED* x509rev::get() const':
x509rev.cpp:90: error: invalid conversion from 'void*' to 'char*'
x509rev.cpp:90: error:   initializing argument 3 of 'void* ASN1_dup(int (*)(void*, unsigned char**), void* (*)(void**, const unsigned char**, long int), char*)'
make[2]: *** [x509rev.o] Error 1

At this point, I reviewed my email and rememebered how Daniel Mueller had pointed me to http://revu.ubuntuwire.com/revu1-incoming/xca-0712241310/ for the fix and there I (also) found the patch(es) and also more accurate rules file with which to proceed. I blatantly copied some of his work but only because it was obviously abandoned.

Here I encountered another weird error. ld -Wl,-Bsymbolic-functions -r -o target.obj db_crl.o db_key.o db_temp.o db_x509.o db_x509req.o db_x509super.o pki_base.o db_base.o asn1int.o oid.o pki_pkcs7.o x509rev.o asn1time.o pass_info.o pki_temp.o x509v3ext.o pki_x509.o func.o pki_crl.o pki_x509req.o load_obj.o pki_key.o pki_x509super.o main.o pki_pkcs12.o x509name.o db.o import.o moc_db_crl.o moc_db_key.o moc_db_temp.o moc_db_x509.o moc_db_x509req.o moc_db_x509super.o moc_pki_base.o moc_db_base.o

(I lost the actual error, but it was a problem with ld) I found configure:LD=${LD:=ld} and changed it to say LD=ld

That wasn't it, I saw this fly by on the next attempt 

dpkg-buildpackage: set LDFLAGS to default value: -Wl,-Bsymbolic-functions

So LDFLAGS is the culprit. Added line 37 of configure to say LDFLAGS=""

Next problem, docbook-to-man not found. This was added to debian/rules, but must be wrong. Removing. We won't have a man page, but I can live with that. 

$ dput revu *_source.changes
Checking Signature on .changes
gpg: Signature made Mon 11 Aug 2008 11:38:59 PM PDT using DSA key ID E0753E06
gpg: Good signature from "Mark Foster (2007-Oct-2009 GPG key) <mark@foster.cc>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7A23 95FA 230A 45BF AEEB  D937 2D14 019A E075 3E06
Good signature on /home/mdf/proj/xca/xca_0.6.4-1_source.changes.
Checking Signature on .dsc
gpg: Signature made Mon 11 Aug 2008 11:38:56 PM PDT using DSA key ID E0753E06
gpg: Good signature from "Mark Foster (2007-Oct-2009 GPG key) <mark@foster.cc>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7A23 95FA 230A 45BF AEEB  D937 2D14 019A E075 3E06
Good signature on /home/mdf/proj/xca/xca_0.6.4-1.dsc.
Uploading to revu (via ftp to revu.tauware.de):
  xca_0.6.4-1.dsc: done.
  xca_0.6.4.orig.tar.gz: done.    
  xca_0.6.4-1.diff.gz: done. 
  xca_0.6.4-1_source.changes: done.
Successfully uploaded packages.
Not running dinstall.


Refer to DebianPackaging for the whole scoop.

QA Testing

Some things to validate the package is healthy

  1. Menu item with icon appears in Gnome (or KDE or XFCE?)
  2. Program runs as expected, can open existing database or create new one
  3. Help brings up the help pages
  4. Man page works

Related

Retrieved from "https://conshell.net/wiki/index.php?title=Xca&oldid=5626"