Philipp Gühring wrote:
Additionally: Can anyone provide me with a Test-installation of OpenCA with
SCEP, so that I can try it out?
now - since scep is a protocol with no human interaction there is no
web-interface in this sence ;) but there is code which handels the requests
you will find it in this files:
.../OpenCA/lib/cmds/scepGetCACert
.../OpenCA/lib/cmds/scepPKIOperation
the first one handels step one - client request ca-ra-certificates/chains
and the second one handels the scep messages following this first auth step
after a client requests a certificat via scep - you will see the request
in the normal interface like any other request and can apply the
apropriate workflow to it
if a certificate is granted (and exported to the ra) the client can
fetch it through scep
the url of the scep-'interface' (which has to given to the client) looks
something like (depending on your openca configuration and webserver
setup):
http://pki.fem.tu-ilmenau.de/operating/004/pub/cgi-bin/scep/scep
alternativly it can also called like:
http://pki.fem.tu-ilmenau.de/operating/004/pub/cgi-bin/scep/pkiclient.exe
if u access this page (without any parameters) through a webbrowser u
usally should see an error message:
Error 700, General Error. This interface is only for SCEP.
if you add: ?operation=GetCACert you will get the ca-cert in pkcs7
format... like the client would do, this can also be read in the
scep-rfc-drafts
greetings
dalini
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO September
19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
