Installing and configuring OpenCA is not easy: there are lots of configuration files, templates, XML files, messy directory structures and outdated documentation, so chances are you will end up with a lot of errors. That is the reason I have written plenty of tutorials on OpenCA and its issues. What makes debugging tough is that some errors give no clue of what the issue is, and some might even mislead. Thankfully, OpenCA lets you customize the log level, and this tutorial explains how to enable the debug option in OpenCA.
Enable debug option in OpenCA
Step 1: To enable the debug option in OpenCA, open log.xml. For example, in my installation the file is located at /home/openca/etc/openca/log.xml, so you might have to use the right path for your system.
    <openca>
      <debug>0</debug>
      <stderr>/home/openca/var/openca/log/stderr.log</stderr>
      <log>
        <debug>0</debug>
        <slots>
          <!--
          <slot>
            <name>sys_syslog</name>
            <class>*</class>
            <level>*</level>
            <logger>Syslog</logger>
            <type>Sys</type>
            <prefix>OpenCA PKI Log Message</prefix>
            <facility>local6</facility>
            <socket_type>unix</socket_type>
          </slot>
          -->
          <slot>
            <name>xml</name>
            <class>*</class>
            <level>*</level>
            <logger>XML</logger>
            <dir>/home/openca/var/openca/log/xml</dir>
          </slot>
        </slots>
      </log>
    </openca>
Step 2: Replace 0 with 1 in <debug>0</debug>, and the logs will be written to the stderr.log file, located at <openca_install_dir>/var/openca/log/stderr.log.
Step 3: Restart the OpenCA daemon.
# <openca_install_dir>/etc/init.d/openca restart
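
Steps 1 and 2 can also be scripted so the flag is easy to switch back off once debugging is done. The following is an added example, not part of the original tutorial or of OpenCA: the function names are hypothetical, and because the tutorial does not say which of the two <debug> elements to change, it assumes both should be set.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Function names are
# hypothetical helpers, not part of OpenCA.

# Print the value of every <debug> element in log.xml, one per line.
openca_debug_state() {
    grep -o '<debug>[01]</debug>' "$1" | sed 's/[^01]//g'
}

# Print the path in <stderr>, i.e. where debug output will be written.
openca_stderr_path() {
    sed -n 's|.*<stderr>\([^<]*\)</stderr>.*|\1|p' "$1"
}

# set_openca_debug FILE VALUE: set <debug> to VALUE (0 or 1).
# Assumption: the tutorial does not say which of the two <debug>
# elements to change, so this sets both.
set_openca_debug() {
    file=$1
    value=$2
    case $value in
        0|1) ;;
        *) echo "value must be 0 or 1" >&2; return 2 ;;
    esac
    # A file without a <debug> element is probably the wrong path.
    grep -q '<debug>[01]</debug>' "$file" 2>/dev/null || {
        echo "no <debug> element found in $file" >&2; return 1; }
    # Keep a copy so the change can be reverted after debugging.
    cp -p "$file" "$file.bak" || return 1
    # Writing through the redirect keeps the original owner and mode.
    sed "s|<debug>[01]</debug>|<debug>$value</debug>|g" "$file.bak" > "$file" || {
        cp -p "$file.bak" "$file"; return 1; }
}

# Usage: sh openca-debug.sh /path/to/log.xml 1
if [ "$#" -eq 2 ]; then
    set_openca_debug "$1" "$2" || exit $?
    echo "debug flags now: $(openca_debug_state "$1" | tr '\n' ' ')"
    echo "debug output goes to: $(openca_stderr_path "$1")"
fi
```

The daemon restart from Step 3 is still required after running it, and running it again with 0 turns debug logging back off.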