Hi Richard, that stuff is unfortunately not documented very well.
The roles file is just a key/value file with username: role, e.g. Richard: RA OperatorUsing the sample config, the username is the CN part of the certificate, you can also set "serial" or "subject".
Have a look at the documentation of OpenXPKI::Server::Authentication::X509 Oliver Am 12.12.2016 um 14:15 schrieb Richard Franks:
Hi I have got OpenXPKI up and running, and I can perform CA operations with the user/password combinations that I have set up. I would like to do certificate based authentication, however I am unsure how to assign roles to specific users. Within the realm configuration is connector.yaml, which seems to imply that you should define roles in /home/pkiadm/ca-one-x509-roles.yaml, however I am unable to find an example for the syntax of the file. Does one exist? If not, please could someone provide some guidance on how to format the file in order to provide role-based access using certificates? Thanks, Richard ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
-- Protect your environment - close windows and adopt a penguin!
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
