Hi Robert, what was the actual problem? Would be nice if you could share your insights for others.
Oliver Am 17.08.21 um 18:12 schrieb Robert Krahl: > Hello everyone, > > I have found the described error. > As Olivier described, I had to make adjustments to the openxpki/tls > folder. > Additionally I had to remove the -k flag in the curl command, which I > have set in the intital request. > > Greetings > Robert > > Am Mo., 16. Aug. 2021 um 16:30 Uhr schrieb Robert Krahl > <[email protected] <mailto:[email protected]>>: > > Hi Oliver, > > So I need to replace the "dummy.crt" in "/etc/openxpki/tls/chain" > with the "OpenXPKI_Issuing_CA.crt" and enter "c_rehash > /etc/openxpki/tls/chain/"? > After doing so and restarting the docker container, I am still > having the same problem as described... > > ---------- > root@...:/var/log/openxpki# tail -f est.log > 2021/08/12 08:46:15 INFO:73 EST handler initialized > 2021/08/12 08:46:16 INFO:73 Disconnect client > 2021/08/12 12:13:51 DEBUG:71 Config for service est loaded > 2021/08/12 12:13:51 INFO:71 EST handler initialized > 2021/08/12 12:13:51 DEBUG:71 Incoming request > /.well-known/est/simpleenroll > 2021/08/12 12:13:51 DEBUG:71 Autodetect config file for service est: > default.conf > 2021/08/12 12:13:51 DEBUG:71 calling context is https > 2021/08/12 12:13:51 DEBUG:71 EST unauthenticated (no cert) > 2021/08/12 12:13:51 DEBUG:71 Autodetect config file for service est: > default.conf > 2021/08/12 12:13:51 DEBUG:71 $VAR1 = { > 'workflow' => 'certificate_enroll', > 'pickup_attribute' => 'transaction_id', > 'pickup' => 'pkcs10' > }; > 2021/08/12 12:13:51 DEBUG:71 Pickup via attribute with > transaction_id => > e0fff73e7ddf65f94c239e7f1b8c0ecd707fdc38 > 2021/08/12 12:13:51 DEBUG:71 Initialize client > 2021/08/12 12:13:51 DEBUG:71 Started volatile session with id: > LOtvQJ2OTdS0oRYR6pBaiA== > 2021/08/12 12:13:51 DEBUG:71 Selecting auth stack _System > 2021/08/12 12:13:51 DEBUG:71 Pickup 767 for > e0fff73e7ddf65f94c239e7f1b8c0ecd707fdc38 > 2021/08/12 12:13:51 DEBUG:71 request for workflow info on 767 > 2021/08/12 12:13:51 INFO:71 Disconnect client > ---------- > > ---------- > Request was rejected: > I18N_OPENXPKI_UI_ENROLLMENT_ERROR_NOT_AUTHENTICATED > ---------- > > I really want to make it work, but I'm still lost in doing so... > > Robert > > Am Do., 12. Aug. 2021 um 16:08 Uhr schrieb Oliver Welter > <[email protected] <mailto:[email protected]>>: > > Hi Robert, > > Am 12.08.21 um 14:26 schrieb Robert Krahl: > > > > Acceptable client certificate CA names > > CN = Placeholder for TLS Client Auth > > you must replace this with your issuing ca certificate, it is > in the > openxpki/tls/chain folder, after placing the PEM encoded > certifiate > there you need to create the symlink with the hash-name using the > "c_rehash" tool. > > Oliver > > -- > Protect your environment - close windows and adopt a penguin! > > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > <mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/openxpki-users > <https://lists.sourceforge.net/lists/listinfo/openxpki-users> > > > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users -- Protect your environment - close windows and adopt a penguin!
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
