Hi Oliver, still not working.
So my settings are:
./openxpki/rpc/ca-iaxd.yaml:
[global]
log_config = /etc/openxpki/rpc/log.conf
log_facility = client.rpc
socket = /var/openxpki/openxpki.socket
realm = ca-iaxd
[auth]
stack = _System
[RequestCertificate]
workflow = certificate_enroll
param = pkcs10, comment
output = cert_identifier, error_code, data
env = signer_cert
servername = enroll
[RevokeCertificateByIdentifier]
workflow = certificate_revocation_request_v2
param = cert_identifier, reason_code, comment, invalidity_time
env = signer_cert, signer_dn
servername = default
output = error_code
[RevokeCertificateByEntity]
workflow = certificate_revoke_by_entity
param = entity, reason_code, comment
env = signer_cert, signer_dn
servername = default
output = error_code
[SearchCertificate]
workflow = certificate_search
param = common_name
output = cert_identifier, notbefore, notafter, status, data
Doesn't matter if version is 1.20.2 or 2.0.3, I have upgraded to 2.0 now :)
The result is always:
{"result":{"pid":7270,"id":0,"state":"SUCCESS","data":{"notafter":"2018-10-1
2T12:55:56","cert_identifier":"RE5XhSuJpvO9gpQCcC6srYvjHTk","status":"ISSUED
","notbefore":"2018-09-12T12:55:56"}}}
(for SearchCertificate)
RequestCertificate also doesn't return the pem. Should this work out of the
box?
Mit freundlichen Grüßen / Best regards
Andreas Krieger
-----Ursprüngliche Nachricht-----
Von: Oliver Welter [mailto:[email protected]]
Gesendet: Dienstag, 11. September 2018 22:41
An: [email protected]
Betreff: Re: [OpenXPKI-users] Error when Requesting over RPC
Hi Andreas,
I think you need to upgrade to the 2.x branch - the RPC stuff had some major
changes...
> output = cert_identifier, error_code
You are right, the workflow in the repo does not set error_code at all,
looks like a leftover from a "modified" customer version ;) As this is some
kind of whitelist it does not hurt if the value is not present. To continue
with your example, you have to add ", data" here.
> I have added the last line in the certificate_search workflow
>
> get_certificate_data:
> class: OpenXPKI::Server::Workflow::Activity::Tools::SetContext
> param:
> _map_notbefore: "[% USE Certificate %][%
> Certificate.notbefore(context.cert_identifier) %]"
> _map_notafter: "[% USE Certificate %][%
> Certificate.notafter(context.cert_identifier) %]"
> _map_status: "[% USE Certificate %][%
> Certificate.status(context.cert_identifier) %]"
> _map_data: "[% USE Certificate %][%
> Certificate.data(context.cert_identifier) %]"
>
> I think data in Certificate.data(context.cert_identifier) should be
> the data field in the database?
No it isnt - the "USE Certificate" calls the Template Toolit Plugin which
you can find here
https://github.com/openxpki/openxpki/blob/develop/core/server/OpenXPKI/Templ
ate/Plugin/Certificate.pm
> Is there a way to get the certificates as pem?
Yes - but this way only with the HEAD version of the code as we introduced
this just recently:
Certificate.pem(context.cert_identifier)
> I tried it also with download.fcgi but I don't know if it can be uses
> with the latest 1.20 version. It was not installed so I added it from
github.
This should work...
best regards
Oliver
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
