Hi James,
access to the certificates in the "null" realm via the CLI tools is
unfortunately not working so in case you want to check this you need to
look directly into the database :(
However the "root" alias will be automatically populated on import of
the signer certificate, so there is n
Hi,
Some background information may be useful here:
When importing a certificate into the OpenXPKI database, the system tries to
build a certificate chain up to a know Root CA certificate. If no chain can be
built, import is refused (there are ways to override this, though).
For chain building
Hi,
I didn't want to gate crash this thread
> examples of crypto.yaml desired.
but similar(ish) question.
I wanted to use openxpki to generate our own self signed certificates.
These are not for public use - just internally.
I am running this in docker, at least for testing.
We do not have
Hi John,
please do not use OpenXPKI (and the sampleconfig) for the RootCA, please
do yourself a favour and make that a dedicated process and use e.g. our
"clca" tool for it.
Educated guess on the topic - you changed the key password used in the
sampeconfig.sh but did not change the password
On Wed, February 14, 2024 04:41, Martin Bartosch via OpenXPKI-users wrote:
> Hi,
>
> Some background information may be useful here:
Thank you very much. This information is most useful.
On Wed, February 14, 2024 07:36, Oliver Welter wrote:
>
> please do not use OpenXPKI (and the sampleconfig)
On 14/02/2024 13:36, Oliver Welter wrote:
Hi John,
Hi and thanks for responding!
please do not use OpenXPKI (and the sampleconfig) for the RootCA, please
do yourself a favour and make that a dedicated process and use e.g. our
"clca" tool for it.
Yes I knew you would say that ;-) I was j
On Wed, February 14, 2024 07:36, Oliver Welter wrote:
> Educated guess on the topic - you changed the key password used in the
> sampeconfig.sh but did not change the password in OpenXPKI (crypto.yaml,
> section secret). The sampleconfig is exactly what the name indicates, a
> quick way to get a d
