OK I learned some things on my own.

I created the following batch_data_process.txt

USER user1
PROCESS gen_certs_2
SET_STATE new_process
ROLE Smartcard
SUBJECT_ALT_NAME_1 email:us...@gdls.com,otherName:1.3.6.1.4.311.20.2.3;UTF8:us...@gdls.com
SUBJECT UID=user1,CN=Joe Blow,OU=Employees,DC=gdls,DC=com
LOA_MODE NORMAL
LOA 4

and added it to my dataexchange tar file

Then selected "QuickImport" which slurped up the dataexchange file. At 
this point, if I tried to reimport the same user I would get an error so I 
found that I could reset things by deleting the contents of file 
$OPENCADIR/var/openca/bp/users.txt and delete the contents of directory 
$OPENCADIR/var/openca/bp/users. Of course, this only works if you're just in 
test dealing with one user ;)

And then I selected "Do one step for all workflows" Yes for both CA and BP 
key certificates. It then asked for the CA key twice (since I didn't 
create a separate BP certificate).

I noticed that in the RA interface that it doesn't have any options to 
download the PKCS#12 file. Is this normal for the UI? Never fear, though, 
these files are located in $OPENCADIR/var/openca/bp/dataexchange 
directory. 

My next problem was to determine the PIN assigned. This can be done in the 
Batch UI by selecting Export PIN. I found that if you want to issue Export 
PIN more than once you will get an error. To clear the error, you have to 
delete the file $OPENCADIR/var/openca/bp/dataexchange/pin_list (BTW, this 
is the list of PINs exported).

My remaining issue is that our normal requests have extra fields like 
phone number, etc. that aren't in the DN of the certificate. They are just 
additional request attributes. How can those be accommodated????

Dave
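
Added example (not part of the original message and not OpenCA code): a pre-import check for a batch record like the one above, assuming the otherName entry is meant to carry the Microsoft UPN used for smartcard logon. The "KEY value" parsing with a wrapped value on the following line is an assumption drawn from the listing; the addresses and names in the sample are constructed, and the OID is the one shown in the message.

```python
import re

# Microsoft User Principal Name otherName OID (used for smartcard logon).
MS_UPN_OID = "1.3.6.1.4.1.311.20.2.3"
OID_RE = re.compile(r"^[0-2](\.(0|[1-9]\d*))+$")

# Constructed sample: same shape as the listing, placeholder identities.
SAMPLE = """\
USER user1
ROLE Smartcard
SUBJECT_ALT_NAME_1
email:user1@example.com,otherName:1.3.6.1.4.311.20.2.3;UTF8:user1@example.com
SUBJECT UID=user1,CN=Test User,OU=Employees,DC=example,DC=com
LOA 4
"""

def parse_batch_record(text):
    """Parse 'KEY value' lines. Assumption: a key with an empty value
    takes the next non-blank line as its value (mail-wrapped line)."""
    record, pending = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if pending is not None:
            record[pending], pending = line, None
            continue
        key, _, value = line.partition(" ")
        if value.strip():
            record[key] = value.strip()
        else:
            pending = key
    return record

def lint_san(san):
    """Return findings for the otherName entries of one SAN value."""
    findings = []
    for entry in san.split(","):
        kind, _, rest = entry.partition(":")
        if kind != "otherName":
            continue
        oid, _, value = rest.partition(";")
        if not OID_RE.match(oid):
            findings.append(f"malformed OID: {oid}")
        elif oid != MS_UPN_OID:
            findings.append(f"otherName OID {oid} is not the UPN OID {MS_UPN_OID}")
        if not value.startswith("UTF8:"):
            findings.append(f"otherName value for {oid} is not UTF8-typed")
    return findings

def lint_record(text):
    """Lint every SUBJECT_ALT_NAME_* key of a batch record."""
    rec = parse_batch_record(text)
    return {k: lint_san(v) for k, v in rec.items() if k.startswith("SUBJECT_ALT_NAME")}
```
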

