Hi Janet, sorry for my late answer, I was out for a while. Yes, on client side you need an scep client that will transfer you certificate request to the openca server. I used SSCEP on linux / openbsd and my cisco routers have an integrated scep client.
Kind regards, Matthias. On 4/11/07, Janet N <[EMAIL PROTECTED]> wrote: > Hi Matthias, > > Thanks for the prompt response. > > I guess I'm a newbie with scep, but do I need to dowload the scep client as > well? Such at: > > http://www.klake.org/~jt/sscep/ > > Basically user will be using the scep client to request and get the > credential from the ra web interface: > https://<myhost>/cgi-bin/scep/scep > > Thanks, > Janet > > > On 4/11/07, Matthias Alsmann <[EMAIL PROTECTED]> wrote: > > Hi Janet, > > > > On 4/11/07, Janet N <[EMAIL PROTECTED]> wrote: > > > Hi, > > > > > > I now have a working ra and ca :) I would like to use scep for getting > a > > > credential. I'm unclear how to configure scep. I've used > "--enable-scep " > > > configure option when I've first configured the ca and ra. So, I don't > > > believe I have to run 'make install-scep'. > > > > However you have to run make install-scep to install the > > scep-interface of openca. > > > > > > > > 1) In the openca documentation it said to configure "scep.conf" and > > > "config.xml" file > > > > > > In the scept.conf file at > > > /usr/local/openra/openca/etc/servers/, I noticed: > > > ScepRACert "" > > > ScepRAKey "" > > > ScepRAPasswd "" > > > > > > How do I get the RA cert and RA key? Is this the RA operator > credential? > > > If so where do I locate this cert? > > > > When you initialize your pki you can - besides the ca key and cert - > > create other certificates. Otherwise, you can also create a > > certificate for the scep-interface after having initialized your pki. > > In my case i generated a cert for my ra that i used for ssl in apache > > and additional for the scep-interface. > > Where you locate the certificate / key is your choice ;-) but you > > shoul consider security and permissions. In my case I located the cert > > and key two times on the server: one time in the apache-directories > > and one time in an directory of the openca installation, but in a > > production system i would not have done that ;-) > > > > Kind regards, Matthias > > > > > > > > > > > > ------------------------------------------------------------------------- > > > Take Surveys. Earn Cash. Influence the Future of IT > > > Join SourceForge.net's Techsay panel and you'll get the chance to share > your > > > opinions on IT & business topics through brief surveys-and earn cash > > > > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > > > _______________________________________________ > > > Openca-Users mailing list > > > [email protected] > > > > https://lists.sourceforge.net/lists/listinfo/openca-users > > > > > > > > > > > ------------------------------------------------------------------------- > > Take Surveys. Earn Cash. Influence the Future of IT > > Join SourceForge.net's Techsay panel and you'll get the chance to share > your > > opinions on IT & business topics through brief surveys-and earn cash > > > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > > _______________________________________________ > > Openca-Users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/openca-users > > > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Openca-Users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openca-users > > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
