Hello Cho,as I think this might be valuable to other users too, I added an option to the default class:
https://github.com/openxpki/openxpki/commit/dba2239a9599aeec9a790f36d4d3b83f3933fd66It will be included with the next release, so no need to trick around with local copies. You just need to add "include_root_cert: 1" as parameter to the workflow action definition.
Oliver Am 18.05.2017 um 19:28 schrieb Oliver Welter:
Hi Cho, not by config, but with a minor change to the class. In the CertificateExport.pm file, look around line 45: my $p = { IDENTIFIER => $cert_identifier, FORMAT => $key_format, PASSWORD => $key_password, ALIAS => $alias, }; and add "KEEPROOT => 1" to the parameter list. You should make a copy of the file and rename it, otherwise it will be overriden by the next update. Oli Am 17.05.2017 um 12:14 schrieb Cho Chan:Hi all, when I download private key in pkcs12/jks format -> the generated file format contains private key, public certs + Issuing/Intermediate CA. Is there a possibility to include also RootCA inside? I found out the following workflow: certificate_privkey_export.yaml containing the class OpenXPKI::Server::Workflow::Activity::Tools::CertificateExport which based on the documentation is supporting parameter template with chain An ARRAY of PEM encoded intermediates, might be empty. it is written only intermediates, but not Root one... Is there such possibility and if yes can you please give me some details how to do it? Thank you in advance! Regards, Cho ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
-- Protect your environment - close windows and adopt a penguin!
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
