Hi Christian,
On Wed, Aug 01, 2007 at 07:01:02PM +0200, Christian Huldt wrote:
> OK, after installation it seems the docs end at "Setting up the CA
> certificate and key"
Yes, unluckily, nothing more has been written yet. Please bear with us.
> I noticed that openxpkiadm version 0.9.984 seems to have missed one
> function call for list_pki_realms (which seems to be rename to list_realms)
Well spotted, I've just committed a patch.
> Is there a suggested "best practice" wrt get going?
> Should I tweak configuration manually or using openxpki*?
>
> I assume I start by importing a certificate....
Yes, generating a key, creating a CA certificate for this key and then
importing the certificate (and any root CA certificates if this is a sub
CA) would be the recommended approach. Use aliases to link the CA
certificate configured in your config.xml to the one in your database
(openxpkiadm certificate alias). You should then have a working CA,
but to actually use it to issue a certificate, you will still need to
unlock the CA key (login as CA Operator on the web interface) ...
HTH,
Alex
--
Dipl.-Math. Alexander Klink | IT-Security Engineer
[EMAIL PROTECTED] | working @ urn:oid:1.3.6.1.4.1.11417
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
