Hello Andreas, Am 19.10.2016 um 14:04 schrieb [email protected]:
I try to import a certificate “openxpkiadm certificate import --realm ‘realmname’ --force-no-chain --file ‘filename’”. When I do this I get the following error: ERROR: null value in column "issuer_identifier" violates not-null constraint
Well, thats a bug ;)
Would it help to add the option --issuer? But what exactly is the identifier? If I get the information from a certificate (openssl x509 ….) then I don’t find anything about the issuer identifier.
The identifier is defined by openxpki, so you wont get it from openssl. You can use "openxpkiadm certificate id --file <certificate>" to get the identifier from a PEM encoded certificate.
But the best way would be to import the certificate with its full chain, just start with above import command using the root certificate file and proceed with all further chain certificates. If this is not doable for you, just set the identifier to any non-empty value together with "force-issuer". Note that this might led to unexpected behaviour if you need to build the chain for this certificate. Perhaps you can share what you intend to do, so I can give a better advice.
best regards Oliver
Mit freundlichen Grüßen / Best regards Andreas Krieger operational services GmbH & Co. KG Junior Systems Engineer, Mirrorserver/2 T3-Application Services North Pascalstrasse 11 10587 Berlin | Germany Telefon +49 375 60619 905 [email protected] <mailto:[email protected]> http://www.operational-services.de/ operational services GmbH & Co. KG Sitz der Gesellschaft: Frankfurt am Main HRA: 42500 (AG Frankfurt am Main) Vorsitzender des Aufsichtsrates: Dr. Roland Krieg Geschäftsführer: Dr. Ulrich Müller (Sprecher) / Frank Oidtmann Persönlich haftende Gesellschafterin: operational services Beteiligungs-GmbH Sitz der Gesellschaft: Frankfurt am Main HRB: 74974 (AG Frankfurt am Main) ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
-- Protect your environment - close windows and adopt a penguin!
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
