Hi, I'm using OpenXPKI for a project and need some help with the following issues:
*1. Certificate Profile* After installing the OpenXPKI in a Debian 10 VM, I ran the sampleconfig.sh script which created a Root CA, an Issuing CA, and the following certificate profiles: - default.yaml - sample.yaml - tls_server.yaml - tls_client.yaml - user_auth_enc.yaml I need an additional Device Identity certificate profile to authenticate devices based on a GUID rather than hostname. So, I made a copy of the tls_client.yaml called deviceid.yaml and updated the fields. When I opened OpenXPKI UI in a web browser, this new certificate profile did not appear in the drop down list. How do I add it to drop down list? Note: I did stop and restart both OpenXPKI and Apache services as well cleared my web browser cache. *2. Drop Down List* How do I update the values in the drop down list? I noticed the following relationships: - tls_server.yaml = TLS/Web - tls_client.yaml = TLS Client - user_auth_enc.yaml = People (Secure eMail / Authentication) I didn't see in the documentation or mailing list on how to have the name Device Identity in the drop down list. *3. Config Error* In 3 different instances, I ended up getting the error message: Loaded config does not contain system node. at /usr/lib/x86_64-linux-gnu/perl5/5.20/OpenXPKI/Config.pm line 73 For 2 of those instances, I successfully installed OpenXPKI; started the service; and issued certificates via the UI. During the first time, I changed a value in one of the above certificate profiles or handler.yaml with the service still running. When I tried to shut down the service, I received this error message. During the second time, I shut down the service first and then made the changes. But, I received this error message trying to start the service. For the third instance, I made the changes right after installing OpenXPKI. Then, I tried to start the service and received this error message. The system directory was available within realm and it had the right permissions for the openxpki user to read the files. It happened a fourth time, but I was able to recover from it. Before I made the changes to the certificate profiles, I copied the original files to new files with .orig file name. Then, I updated the .yaml files. When I received the error message, I deleted the .yaml files with my changes and restored from the .orig files. In the other 3 instances, I did not have back up files. It is a really strange error. Is there something else causing this error message? Thank you, Michael
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
