So is there a way to get the serialNumber actually working? This is a total
showstopper for our project.
//HS
-Original Message-
From: henri.sunde...@iki.fi
Sent: Thursday, February 22, 2024 10:40 AM
To: openxpki-users@lists.sourceforge.net
Subject: Re: [OpenXPKI-users] Profile with
Yes I did, that was not the issue.
-Original Message-
From: Jens Berthold
Sent: Thursday, February 22, 2024 10:28 AM
To: openxpki-users@lists.sourceforge.net
Subject: Re: [OpenXPKI-users] Profile with serialNumber and custom
extensions
Hi Henri,
did you notice the typo, i.e. the
Hi,
Tried this but no luck, its not reading the serial from the CSR.
-Original Message-
From: Oliver Welter
Sent: Wednesday, February 21, 2024 1:26 PM
To: openxpki-users@lists.sourceforge.net
Subject: Re: [OpenXPKI-users] Profile with serialNumber and custom
extensions
Hi Henri,
my
I tried that, but it does not work.
Using the template with preset as set below, it fills serialNumber field
with value "serialNumber". Certificate profile is same as I presented
before. This sounds like a bug - maybe it tries to take key instead its
value?
serial.yaml:
id: serialNumber
label:
I'm trying to make a new certificate profile, with this kind of
requirements:
- Subject shall have serialNumber field, which is copied from CSR
- Extensions shall have a custom OID field with custom bit stream data,
which is copied from CSR
I haven't been able to get any of that working. I
Thanks it mostly did the trick – but still some issues. It seems token rollover
didn’t work.
The crl issuance is trying to use casigner-1, but alias with current cert is
for casigner-2.
I also verified with openssl that crl issuance does work manually.
Maybe this is a novice error,
Is it possible to configure OpenXPKI with AWS CloudHSM Dynamic Engine?
I tried something like this in crypto.yaml:
casigner:
backend: OpenXPKI::Crypto::Backend::OpenSSL
key: /etc/openxpki/ca/subca_private_ref.pem
engine: cloudhsm
engine_section: |
engine_id = cloudhsm
Hi,
I noticed that the community edition has dependency to OpenSSL version 3. I
was wondering if OpenSSL 1 works as well, or is OpenSSL 3 a hard
requirement?
Best regards,
//HS
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net