I don't have sscep on my linux machine, do you know where I can get an
opensource rpm for the sscep client?
Thanks!
On 4/17/07, Matthias Alsmann <[EMAIL PROTECTED]> wrote:
Hi Janet,
sorry for my late answer, I was out for a while.
Yes, on client side you need an scep client that will transfer you
certificate request to the openca server. I used SSCEP on linux /
openbsd and my cisco routers have an integrated scep client.
Kind regards, Matthias.
On 4/11/07, Janet N <[EMAIL PROTECTED]> wrote:
> Hi Matthias,
>
> Thanks for the prompt response.
>
> I guess I'm a newbie with scep, but do I need to dowload the scep client
as
> well? Such at:
>
> http://www.klake.org/~jt/sscep/
>
> Basically user will be using the scep client to request and get the
> credential from the ra web interface:
> https://<myhost>/cgi-bin/scep/scep
>
> Thanks,
> Janet
>
>
> On 4/11/07, Matthias Alsmann <[EMAIL PROTECTED]> wrote:
> > Hi Janet,
> >
> > On 4/11/07, Janet N <[EMAIL PROTECTED]> wrote:
> > > Hi,
> > >
> > > I now have a working ra and ca :) I would like to use scep for
getting
> a
> > > credential. I'm unclear how to configure scep. I've used
> "--enable-scep "
> > > configure option when I've first configured the ca and ra. So, I
don't
> > > believe I have to run 'make install-scep'.
> >
> > However you have to run make install-scep to install the
> > scep-interface of openca.
> >
> > >
> > > 1) In the openca documentation it said to configure "scep.conf" and
> > > "config.xml" file
> > >
> > > In the scept.conf file at
> > > /usr/local/openra/openca/etc/servers/, I noticed:
> > > ScepRACert ""
> > > ScepRAKey ""
> > > ScepRAPasswd ""
> > >
> > > How do I get the RA cert and RA key? Is this the RA operator
> credential?
> > > If so where do I locate this cert?
> >
> > When you initialize your pki you can - besides the ca key and cert -
> > create other certificates. Otherwise, you can also create a
> > certificate for the scep-interface after having initialized your pki.
> > In my case i generated a cert for my ra that i used for ssl in apache
> > and additional for the scep-interface.
> > Where you locate the certificate / key is your choice ;-) but you
> > shoul consider security and permissions. In my case I located the cert
> > and key two times on the server: one time in the apache-directories
> > and one time in an directory of the openca installation, but in a
> > production system i would not have done that ;-)
> >
> > Kind regards, Matthias
> >
> > >
> > >
> > >
>
-------------------------------------------------------------------------
> > > Take Surveys. Earn Cash. Influence the Future of IT
> > > Join SourceForge.net's Techsay panel and you'll get the chance to
share
> your
> > > opinions on IT & business topics through brief surveys-and earn cash
> > >
>
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> > > _______________________________________________
> > > Openca-Users mailing list
> > > [email protected]
> > >
> https://lists.sourceforge.net/lists/listinfo/openca-users
> > >
> > >
> >
> >
>
-------------------------------------------------------------------------
> > Take Surveys. Earn Cash. Influence the Future of IT
> > Join SourceForge.net's Techsay panel and you'll get the chance to
share
> your
> > opinions on IT & business topics through brief surveys-and earn cash
> >
>
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> > _______________________________________________
> > Openca-Users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/openca-users
> >
>
>
>
-------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share
your
> opinions on IT & business topics through brief surveys-and earn cash
>
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Openca-Users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
