Hello,
the scope if this mailing list is to help you setting up OpenXPKI based
on the existing community edition examples. Your use case is far beyond
this point, so if you need assistance with your project please consider
contacting White Rabbit Security for commercial support - I am pretty
sure we can find a solution.
best regards
Oliver
On 07.02.25 01:41, [email protected] wrote:
Hello, Oliver.
Thank you for your previous response.
We are currently looking to finalize the method for issuing a
cross-signed certificate between OpenXPKI and Trend Micro.
Specifically, we would like to know the process for issuing a
cross-signed certificate between Trend Micro’s local CA and our own CA
using OpenXPKI.
Could you please confirm the following?
1.
*Steps for Cross-Signing in OpenXPKI*
Could you provide detailed steps for using OpenXPKI to issue a
cross-signed certificate between our CA and Trend Micro’s local CA?
Any advice on settings or processes to be aware of when creating
the certificate would be greatly appreciated.
2.
*Signing Configuration*
We would also like to know how to configure OpenXPKI to ensure
that the certificates issued by OpenXPKI are cross-signed by Trend
Micro’s local CA. What specific steps should we follow to generate
and sign these certificates?
3.
*Interoperability between OpenXPKI and Trend Micro*
Could you also provide guidance on any settings or adjustments
needed to ensure that certificates issued by OpenXPKI work
properly within Trend Micro’s system?
If there are any other tools or special procedures necessary for
performing cross-signing with OpenXPKI, we would appreciate that
information as well.
Thank you very much for your assistance.
On 2025/02/06 18:26, Oliver Welter wrote:
Hello,
I do not really understand what you are trying to achieve - if you
need to issue certificates with OpenXPKI using a cross-signed Issuing
CA this is possible, as the creation of the issuing certificate is
done outside of OpenXPKI.
If you want to use OpenXPKI to sign other subca certificates "on the
fly", this is also possible but this has nothing to do with cross
signing as the certificates are signed by the used OpenXPKI CA (which
can of course be cross-signed by some other CA).
Oliver
--
――――――――――――――――――――――
株式会社 デージーネット
ソリューション開発部
鈴木 奏音
本社(名古屋)TEL: (052)709-7121 FAX: (052)709-7122
e-mail:[email protected]
ホームページ:https://www.designet.co.jp/
――――――――――――――――――――――
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
