Re: [OpenXPKI-users] Profile with serialNumber and custom extensions

So is there a way to get the serialNumber actually working? This is a total showstopper for our project. //HS -Original Message- From: henri.sunde...@iki.fi Sent: Thursday, February 22, 2024 10:40 AM To: openxpki-users@lists.sourceforge.net Subject: Re: [OpenXPKI-users] Profile with

Re: [OpenXPKI-users] Profile with serialNumber and custom extensions

Yes I did, that was not the issue. -Original Message- From: Jens Berthold Sent: Thursday, February 22, 2024 10:28 AM To: openxpki-users@lists.sourceforge.net Subject: Re: [OpenXPKI-users] Profile with serialNumber and custom extensions Hi Henri, did you notice the typo, i.e. the

Re: [OpenXPKI-users] Profile with serialNumber and custom extensions

Hi, Tried this but no luck, its not reading the serial from the CSR. -Original Message- From: Oliver Welter Sent: Wednesday, February 21, 2024 1:26 PM To: openxpki-users@lists.sourceforge.net Subject: Re: [OpenXPKI-users] Profile with serialNumber and custom extensions Hi Henri, my

Re: [OpenXPKI-users] Profile with serialNumber and custom extensions

I tried that, but it does not work. Using the template with preset as set below, it fills serialNumber field with value "serialNumber". Certificate profile is same as I presented before. This sounds like a bug - maybe it tries to take key instead its value? serial.yaml: id: serialNumber label:

Re: [OpenXPKI-users] Profile with serialNumber and custom extensions

I'm trying to make a new certificate profile, with this kind of requirements: - Subject shall have serialNumber field, which is copied from CSR - Extensions shall have a custom OID field with custom bit stream data, which is copied from CSR I haven't been able to get any of that working. I

Re: [OpenXPKI-users] AWS CloudHSM?

Thanks it mostly did the trick – but still some issues. It seems token rollover didn’t work. The crl issuance is trying to use casigner-1, but alias with current cert is for casigner-2. I also verified with openssl that crl issuance does work manually. Maybe this is a novice error,

[OpenXPKI-users] AWS CloudHSM?

Is it possible to configure OpenXPKI with AWS CloudHSM Dynamic Engine? I tried something like this in crypto.yaml: casigner: backend: OpenXPKI::Crypto::Backend::OpenSSL key: /etc/openxpki/ca/subca_private_ref.pem engine: cloudhsm engine_section: | engine_id = cloudhsm

[OpenXPKI-users] OpenSSL 1 vs 3 support?

Hi, I noticed that the community edition has dependency to OpenSSL version 3. I was wondering if OpenSSL 1 works as well, or is OpenSSL 3 a hard requirement? Best regards, //HS ___ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net