Re: [OpenXPKI-users] Issue importing certificates on fresh install

Fri, 17 Oct 2025 07:49:27 -0700 

Hello Christopher,
well then filename is indeed not matching the creation command, but other that that it works here without any issues: 


oxi certificate add --cert vault-1.crt

---
authority_key_identifier: 24:AA:A9:CD:93:26:B3:C7:0E:81:BA:91:E1:94:85:DB:E9:A6:E4:03 
cert_key: '144190056262678494722881524214083757204349808996'
identifier: 2tXmBAP2H1WohVH1VGUfcGK54lE
issuer_dn: CN=DataVault
issuer_identifier: 2tXmBAP2H1WohVH1VGUfcGK54lE
notafter: 1792248381
notbefore: 1760712381
status: ISSUED
subject: CN=DataVault
subject_key_identifier: 24:AA:A9:CD:93:26:B3:C7:0E:81:BA:91:E1:94:85:DB:E9:A6:E4:03
The certificate file should contain a PEM encoded certificate, can you check this please? 


Oli


On 10/16/25 09:22, Kristoffer Nilsson wrote:
I'm setting up an OpenXPKI instance on a freshly installed Debian Bookworm installation but I'm running into an issue when creating and attempting to import the datavault token.
I've followed the instructions in the quickstart to create the datavault token key for the assymetric vault but I am unable to add the certificate using the supplied command. No matter what way I type out the certificate path I get the error "The value for parameter *cert* does not match the expected type/pattern."
Running the oxi command with the verbose flags did not offer me much assistance in figuring out what I did wrong. I've also made sure that the overall configuration is OK by running the "openxpkiadm lintconfig" command. There is also nothing written to the openxpki-server or openxpki-client logs when the "oxi certificate add" command is executed. 

Commands used:

$ mkdir -p -m755 /etc/openxpki/local/keys
$ cd /etc/openxpki/local/keys
$ openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:3072 -aes-256-cbc \ 
      -out vault-1.pem
$ openssl req -config /etc/openxpki/contrib/vault.openssl.cnf -x509 -days 365 \ 
      -key vault-1.pem -out vault-1.crt
$ oxi certificate add --cert vault.crt

also tried with:

$ oxi certificate add --cert vault-1.crt
Any idea where I'm going wrong or what may cause this particular error message? 


_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users


--
Protect your environment -  close windows and adopt a penguin!

_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users






















					Reply via email to