Hi Cesar,
> I've just tried to use batch processors to generate certificates and it works. Is there any way to generate key pairs on the client side instead of generate p12 files on the server side ?
I dont know if/how it is possible to create a csr/cert without the private key - I think it will work some way...
I assume this will work, so this is the way to go
1) create the keypair and store the public key within the batch_prcess_data.txt like this:
USER 2247ABCCD71C15A3 PROCESS portal24 SET_STATE imported_pubkey ROLE User ....... [EMAIL PROTECTED] PIN----- -----BEGIN PKCS7----- PUT YOUR PEM FORMATTED KEY HERE -----END PKCS7----- -----END PIN-----
This will create a file "publicKey" in the "public" dir of a users workflow. The file contains the "-----BEGIN/END PKCS7----" limters and the data between.
2) create a new state "imported_pubkey" (name it what you like) and put this in "SET_STATE" paramter like above example
3) You have to create a new batch function in openca/lib/bp that will create a csr from the given key (use create_csr.sub as template)
4) Insert the new funtion and state into the Batch-System's configfiles (openca/etc/bd/)
HTH
Oliver
-- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic Signature
