Re: [PacketFence-users] Where is the packetfence PKI Certificate Authority private key file?

2018-02-05 Thread Yijie Li via PacketFence-users 
Hi Eugene,

Thank you very much for the information. After reading your reply and
reviewing the PKI installation doc a few more times, it seems this is what
I need to do for that Provisioning Entry - Signing tab. I can use the
radius server certificate and private key, together with the pf PKI CA
(just the CA cert), to sign the OSX/IOS provisioning profile. I will give
it a try.



On Sat, Feb 3, 2018 at 6:19 PM, E.P.  wrote:

> Hi Yijie,
>
> I’ve spent some time with PKI as well trying to figure out how to make it
> work and deploy certificates.
>
> Have it currently inaccessible for the reason unknown to me yet, but as
> far as I remember the CA certificate is in *.PEM format and all you have to
> do is manually install it on the endpoint by allowing it installed in the
> default location, i.e. trusted certificate authority. You don’t need the
> private key for CA. Just start MMC, add certificates snapin and import this
> PEM file.
>
> On the contrary, you’d need *.PFX or *.P12 file for the RADIUS server
> itself that contains both the certificate and private key. And you do need
> the password to import it into an endpoint
>
>
>
> Eugene
>
>
>
> *From:* Yijie Li via PacketFence-users [mailto:packetfence-users@
> lists.sourceforge.net]
> *Sent:* Friday, February 02, 2018 1:50 PM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Yijie Li
> *Subject:* [PacketFence-users] Where is the packetfence PKI Certificate
> Authority private key file?
>
>
>
> Hi,
>
>
>
> Regarding this question, I searched the mailing list archive multiple
> times and have googled too. But did not find any solution there.
>
>
>
> I am in the process of configuring pf and pf PKI. Followed this
> instructuion https://packetfence.org/doc/PacketFence_PKI_Quick_Install_
> Guide.html. To add Apple devices provisioner profile, it seems I need to
> paste the PacketFence PKI CA certificate and private key into the
> configuration under Signing tab of Provisioning Entry. Under this
> folder /usr/local/packetfence-pki/ca/, I see the CA certificate file in
> pem format. But the private key file is not there. Tried some intensive
> search, but did not come up anything.
>
>
>
> Where is the pf PKI CA private key? and what is the private key password,
> if any? During CA initialization, there is no user input about where to
> save it, nor about the private key password.
>
>
>
>
>
>
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Restarting swicthports errors

2018-02-05 Thread David Harvey via PacketFence-users 
Thank you Christian, my visual scour of the subject list hadn't focused me
onto your thread, so appreciate the pointer - apologies for poor archive
digging @list!

On Mon, Feb 5, 2018 at 8:22 AM, Cristian Mammoli via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:

> Hi, see my post "[PacketFence-users] pfappserver::Controller::Node broken
> after update to 7.4" of 01-29
>
> Il 02/02/2018 16:43, David Harvey via PacketFence-users ha scritto:
>
>> Sorry for all the mailing list spam. I've been having a bit of a
>> packetfence tinkering week!
>>
>> Since upgrading to packetfence 7.4 followed by applying the Unifi patch
>> 2735.patch > packetfence/pull/2735.patch> (the latter probably unrelated given the
>> files it touches), i've been seeing failures when attempting to restart
>> swithcports from the GUI.  On screen I get
>>
>> "Error!An error condition has occured. See server side logs for details."
>>
>>
>>
> --
>
> *Cristian Mammoli*
> System Administrator
>
> T.  +39 0731 719822
> www.apra.it 
>
>
> ApraSpa
>
> linksocial
>
> *Avviso sulla tutela di informazioni riservate.* Questo messaggio è stato
> spedito da Apra spa o da una delle aziende del Gruppo. Esso e gli eventuali
> allegati, potrebbero contenere informazioni di carattere estremamente
> riservato e confidenziale. Qualora non foste i destinatari designati,
> vogliate cortesemente informarci immediatamente con lo stesso mezzo ed
> eliminare il messaggio e i relativi eventuali allegati, senza trattenerne
> copia.
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Restarting swicthports errors

2018-02-05 Thread Cristian Mammoli via PacketFence-users 
Hi, see my post "[PacketFence-users] pfappserver::Controller::Node 
broken after update to 7.4" of 01-29


Il 02/02/2018 16:43, David Harvey via PacketFence-users ha scritto:
Sorry for all the mailing list spam. I've been having a bit of a 
packetfence tinkering week!


Since upgrading to packetfence 7.4 followed by applying the Unifi 
patch 2735.patch 
 (the 
latter probably unrelated given the files it touches), i've been 
seeing failures when attempting to restart swithcports from the GUI.  
On screen I get


"Error!An error condition has occured. See server side logs for details."




--

*Cristian Mammoli*
System Administrator

T.  +39 0731 719822
www.apra.it 


ApraSpa

linksocial

*Avviso sulla tutela di informazioni riservate.* Questo messaggio è 
stato spedito da Apra spa o da una delle aziende del Gruppo. Esso e gli 
eventuali allegati, potrebbero contenere informazioni di carattere 
estremamente riservato e confidenziale. Qualora non foste i destinatari 
designati, vogliate cortesemente informarci immediatamente con lo stesso 
mezzo ed eliminare il messaggio e i relativi eventuali allegati, senza 
trattenerne copia.



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users