Hi Oliver, I am still fighting with EST and now I did a curl against the proper endpoint: "simpleenroll"
"curl https://172.31.1.201/.well-known/est/simpleenroll -s -o meuteste.p7 --data-binary @req.p10 -H "Content-Type: application/pkcs10" --dump-header resp.hdr" I get this in Technical Log: WARN No policy params set in LoadPolicy (anonymous) And this in Workflow history: enroll_render_subject EXCEPTION: I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_RENDER_SUBJECT_NO_PROFILE; __PROFILE__ => EMPTY, __STYLE__ => enroll $ cat meuteste.p7 Internal Server Error In est.log I see a " 'wf_exception' => 'I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_RENDER_SUBJECT_NO_PROFILE'," but I can not follow what that means. Regards, Jeff On Mon, 23 Dec 2019 at 09:43, Oliver Welter <[email protected]> wrote: > Hi Jeff, > > while trying to track down the empty debug message I recognized that > simple_re_enroll is not properly handled by the current script. Please > use "simpleenroll" for the moment or use the patched version from github. > > Oliver > > Am 20.12.19 um 13:17 schrieb Jefferson Dümes: > > Hi people, > > > > I am missing something in my tests when trying the simpleenroll just > > like the example in Step 4 from http://testrfc7030.com/. > > > > Initially I left out the "--anyauth -u estuser:estpwd" part cause I > > don't know what should I enter in it. Then tryed a valid operator user, > > but the logs still show " EST unauthenticated (no cert) ". > > > > The Question is, what I am missing ? > > > > > > --- > > curl https://172.31.1.25/.well-known/est/simplereenroll --anyauth -u > > raop:openxpki -s -o meuteste.p7 --cacert cacerts.pem > > --data-bin│techsupp@j00s-tpki01:mgmt-automation$ sudo systemctl restart > > openxpkid > > ary @req.p10 -H "Content-Type: application/pkcs10" --dump-header resp.hdr > > > > --- > > tail -f /var/log/openxpki/est.log > > 2019/12/20 11:47:28 INFO:28251 EST handler initialized > > 2019/12/20 11:47:28 DEBUG:28251 Incoming request > > /.well-known/est/simplereenroll > > 2019/12/20 11:47:28 DEBUG:28251 calling context is https > > 2019/12/20 11:47:28 DEBUG:28251 EST unauthenticated (no cert) > > 2019/12/20 11:47:28 TRACE:28251 > > 2019/12/20 11:47:28 INFO:28251 Disconnect client > > 2019/12/20 11:47:28 DEBUG:28251 Initialize client > > 2019/12/20 11:47:28 DEBUG:28251 Started volatile session with id: > > vrrUw48GQpmK7Q9N4qP4mg== > > 2019/12/20 11:47:28 DEBUG:28251 Selecting realm automation > > > > Regards, > > Jeff > > > > > > _______________________________________________ > > OpenXPKI-users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/openxpki-users > > > > > -- > Protect your environment - close windows and adopt a penguin! > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users >
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
