sending to alias also... ---------- Forwarded message ---------- From: Rafael Leiva-Ochoa <[email protected]> Date: Thu, Mar 29, 2018 at 3:35 PM Subject: Re: [Pki-users] SAN for Launch page. To: Marc Sauton <[email protected]>
It did not work. I am still getting SAN errors when using the Launch page. I viewed the Cert that was issued to the launch page, and it is still missing the SAN. Here is my ca.cfg: [CA] [email protected] pki_admin_name=caadmin pki_admin_nickname=caadmin pki_admin_password=xxxxxxxx pki_admin_uid=caadmin pki_san_inject=True pki_san_for_server_cert=dogtag-ca-root.test.com pki_client_database_password=xxxxxxxx pki_client_database_purge=False pki_client_pkcs12_password=xxxxxxxxxx pki_ds_base_dn=dc=test,dc=com pki_ds_database=pki-tomcat pki_ds_password=xxxxxxx pki_ca_signing_subject_dn=cn=TEST Root CA,ou=TEST Certification Authority,c=US Thanks, Rafael On Thu, Mar 29, 2018 at 2:50 PM, Rafael Leiva-Ochoa <[email protected]> wrote: > Thanks, I will give that a try. > > On Thu, Mar 29, 2018 at 12:57 PM, Marc Sauton <[email protected]> wrote: > >> Try to add to the pkispawn config file, for example: >> pki_san_inject=True >> pki_san_for_server_cert=ca01.example.com,ca02.example.com,ca.example.com >> >> Note for the "non-internal" certificates, there is a way to modify >> enrollment profiles to add a SAN, but a recent updated feature is described >> in the page at >> http://www.dogtagpki.org/wiki/PKI_10.4_Copy_CN_To_SAN >> >> Thanks, >> M. >> >> On Thu, Mar 29, 2018 at 11:42 AM, Rafael Leiva-Ochoa <[email protected]> >> wrote: >> >>> Hi Everyone, >>> >>> I am trying to build a new CA, and I am using the ca.cfg file to >>> create the CA, but when I create the CA, the SAN is missing from the >>> website cert (:8443). I am trying to look for the right value to put on the >>> ca.cfg file for the SAN, so the the launch page does not give me SAN >>> errors. Here is what I found, but nothing relating to the SAN: >>> >>> [CA] >>> [email protected] >>> pki_admin_name=caadmin >>> pki_admin_nickname=caadmin >>> pki_admin_password=Secret.123 >>> pki_admin_uid=caadmin >>> >>> pki_client_database_password=Secret.123 >>> pki_client_database_purge=False >>> pki_client_pkcs12_password=Secret.123 >>> >>> pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com >>> pki_ds_database=ca >>> pki_ds_password=Secret.123 >>> >>> pki_security_domain_name=EXAMPLE >>> >>> Any ideas? >>> >>> Rafael >>> >>> _______________________________________________ >>> Pki-users mailing list >>> [email protected] >>> https://www.redhat.com/mailman/listinfo/pki-users >>> >> >> >
_______________________________________________ arm mailing list -- [email protected] To unsubscribe send an email to [email protected]
