Hi, have a look at this script https://github.com/openxpki/openxpki/blob/develop/qatest/frontend/20_get_entity_cert_rpc.t
If you use the shipped workflow you need to create a client certificate with a subject of "myhost:pkiclient" and put it into tmp/pkiclient.key/crt. Other option is to edit the "certificate_enrollment" workflow and just remove the signature checks. Note that this will open your PKI for any user with access to the webserver ;)
Oliver Am 11.09.2017 um 09:28 schrieb venne:
Hi thanks for your answer.so, I may use some curl style bash loops to create all 200 certificates. I have looked for some examples or docs, but I found just a few informations. could you please give a url or a example to use, lets say, RPC with curl?thanks regards Le 11/09/2017 à 08:01, Oliver Welter a écrit :Hi,I dont get what you want to achieve - why do you want to sign the certificates externally and import them into OpenXPKI later? The puropose of OpenXPKI is to manage certification requests and create certificates from it in a controlled way - there are ways to automate bulk requests e.g. using the SCEP oder RPC interface.Importing certificates also works for entity certificates but the UI just shows certificates that are under management by the system.Oliver Am 08.09.2017 um 16:42 schrieb venne:Hi,I've to create about 200 users certificates, and sign them with an intermediate authority.I think about a massive creating by bash script and importing them with openxpkiadm certificate import --realm myrealm --file my.pemit does the job but i'm unable to view the imported certificate on web gui.I guess that, only ca could be imported. so, what's the right way to deal with it? thanks for your helps regards------------------------------------------------------------------------------Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org!http://sdm.link/slashdot _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users-- Richard VENNE System and Network Administrator ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
-- Protect your environment - close windows and adopt a penguin!
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
