Hi, > Is there a way to disable (or hide for a profile) the possibility of > generating the key on the server, while requesting a certificate ? > > It is on the page Request certificate -> we choose the profile -> and there > we can generate key on server and Upload CSR. > > I would like to let only available for the users the CSR upload ?
Yes, this is possible. It’s documented here: https://openxpki.readthedocs.io/en/latest/reference/configuration/profile.html#key-parameters Set key.generate to „client" for the profile and it will only be possible to upload CSRs. > The best would be to be able to let it active for admin profiles and to > disable or hide the key generation on server for user profiles. You mean admins shall be able to perform server side key generation but users shall only be allowed to upload CSRs? With the shipped configuration this is not possible but it could be implemented by modifying the workflow accordingly. Cheers Martin _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
