Found the solution here...Thanks again! https://www.redhat.com/archives/pki-devel/2015-April/msg00077.html
On Thu, Mar 29, 2018 at 8:06 PM, Rafael Leiva-Ochoa <[email protected]> wrote: > sending to alias also... > > ---------- Forwarded message ---------- > From: Rafael Leiva-Ochoa <[email protected]> > Date: Thu, Mar 29, 2018 at 3:35 PM > Subject: Re: [Pki-users] SAN for Launch page. > To: Marc Sauton <[email protected]> > > > It did not work. I am still getting SAN errors when using the Launch page. > I viewed the Cert that was issued to the launch page, and it is still > missing the SAN. Here is my ca.cfg: > > [CA] > > [email protected] > > pki_admin_name=caadmin > > pki_admin_nickname=caadmin > > pki_admin_password=xxxxxxxx > > pki_admin_uid=caadmin > > > pki_san_inject=True > > pki_san_for_server_cert=dogtag-ca-root.test.com > > > pki_client_database_password=xxxxxxxx > > pki_client_database_purge=False > > pki_client_pkcs12_password=xxxxxxxxxx > > > pki_ds_base_dn=dc=test,dc=com > > pki_ds_database=pki-tomcat > > pki_ds_password=xxxxxxx > > > pki_ca_signing_subject_dn=cn=TEST Root CA,ou=TEST Certification > Authority,c=US > > > Thanks, > > Rafael > > On Thu, Mar 29, 2018 at 2:50 PM, Rafael Leiva-Ochoa <[email protected]> > wrote: > >> Thanks, I will give that a try. >> >> On Thu, Mar 29, 2018 at 12:57 PM, Marc Sauton <[email protected]> wrote: >> >>> Try to add to the pkispawn config file, for example: >>> pki_san_inject=True >>> pki_san_for_server_cert=ca01.example.com,ca02.example.com,ca.example.com >>> >>> Note for the "non-internal" certificates, there is a way to modify >>> enrollment profiles to add a SAN, but a recent updated feature is described >>> in the page at >>> http://www.dogtagpki.org/wiki/PKI_10.4_Copy_CN_To_SAN >>> >>> Thanks, >>> M. >>> >>> On Thu, Mar 29, 2018 at 11:42 AM, Rafael Leiva-Ochoa <[email protected]> >>> wrote: >>> >>>> Hi Everyone, >>>> >>>> I am trying to build a new CA, and I am using the ca.cfg file to >>>> create the CA, but when I create the CA, the SAN is missing from the >>>> website cert (:8443). I am trying to look for the right value to put on the >>>> ca.cfg file for the SAN, so the the launch page does not give me SAN >>>> errors. Here is what I found, but nothing relating to the SAN: >>>> >>>> [CA] >>>> [email protected] >>>> pki_admin_name=caadmin >>>> pki_admin_nickname=caadmin >>>> pki_admin_password=Secret.123 >>>> pki_admin_uid=caadmin >>>> >>>> pki_client_database_password=Secret.123 >>>> pki_client_database_purge=False >>>> pki_client_pkcs12_password=Secret.123 >>>> >>>> pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com >>>> pki_ds_database=ca >>>> pki_ds_password=Secret.123 >>>> >>>> pki_security_domain_name=EXAMPLE >>>> >>>> Any ideas? >>>> >>>> Rafael >>>> >>>> _______________________________________________ >>>> Pki-users mailing list >>>> [email protected] >>>> https://www.redhat.com/mailman/listinfo/pki-users >>>> >>> >>> >> > >
_______________________________________________ arm mailing list -- [email protected] To unsubscribe send an email to [email protected]
