Good Day!
Thanks for help. but I have no success ;(
1) I'm still using version 1.18, since there's no distribution for 1.19
for Ubuntu 14.04 ;(
Will it appear?
2) I stopped on first step: I don't understand how to preset username
field to logged in username?
I try to add line "preset: "[% creator %]"" into
"config.d/realm/ca-NPK/profile/template/username.yaml", but have clear
field.
I tried different options (context.creator, etc.), but nothing has changed.
When I try set it via
OpenXPKI::Server::Workflow::Activity::Tools::SetContextHash, i get
"I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED".
My certificate_signing_request_v2.yaml:
----
...
ENTER_SUBJECT:
label: I18N_OPENXPKI_UI_WORKFLOW_STATE_CSR_ENTER_SUBJECT_LABEL
description: I18N_OPENXPKI_UI_WORKFLOW_STATE_CSR_ENTER_SUBJECT_DESC
action:
# - edit_subject > ENTER_SAN
- npk_fill_subject edit_subject > ENTER_SAN
...
action:
...
npk_fill_subject:
class: OpenXPKI::Server::Workflow::Activity::Tools::SetContextHash
param:
target_key: cert_subj_parts
_map_username: "[% creator %]"
# username: "stace"
----
log:
---
2017/11/16 20:05:06 openxpki.application.INFO Execute action
csr_npk_fill_subject on workflow #3460863
[pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863]
2017/11/16 20:05:06 openxpki.application.INFO Execute action
csr_edit_subject on workflow #3460863
[pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863]
2017/11/16 20:05:06 openxpki.system.ERROR
I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED; __MSG__
=> ; __SEPARATOR__ =>
; __CALLER__ => ARRAY(0x8792880)
[pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863]
2017/11/16 20:05:06 Workflow.ERROR Caught exception from action:
I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED;
__SEPARATOR__ =>
; __CALLER__ => ARRAY(0x8792880); __MSG__ => ; reset workflow to old
state 'ENTER_SUBJECT_CSR_NPK_FILL_SUBJECT_0'
[pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863]
2017/11/16 20:05:06 openxpki.system.ERROR
I18N_OPENXPKI_SERVER_WORKFLOW_ERROR_ON_EXECUTE; __ERROR__ =>
I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED; __MSG__
=> ; __CALLER__ => ARRAY(0x8792880); __SEPARATOR__ =>
; __ACTION__ => csr_edit_subject; __EXCEPTION__ => OpenXPKI::Exception
[pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863]
2017/11/16 20:05:06 openxpki.workflow.ERROR Error executing workflow
activity 'csr_npk_fill_subject' on workflow id 3460863 (type
certificate_signing_request_v2):
I18N_OPENXPKI_SERVER_WORKFLOW_ERROR_ON_EXECUTE; __EXCEPTION__ =>
OpenXPKI::Exception; __ACTION__ => csr_edit_subject; __ERROR__ =>
I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED;
__SEPARATOR__ =>
; __CALLER__ => ARRAY(0x8792880); __MSG__ =>
[pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863]
---
3) I try to use LDAP::Single instead of Simple, but have error:
"I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_CONNECTOR_GET_VALUE_NO_PATH"
If I change "_map_config_key" to "config_key" this error if fixed, but I
get "Can't use an undefined value as a HASH reference at
/usr/share/perl5/Connector/Proxy/Net/LDAP/Single.pm line 77", probably
because the query does not return data ;(
my current notify_expiry.yaml:
---
...
load_userdata:
class:
OpenXPKI::Server::Workflow::Activity::Tools::Connector::GetValue
param:
config_prefix: metadata.user_name
_map_config_key: "[% USE Certificate %][% Certificate.attr(
context.cert_identifier, 'meta_requestor').0 %]"
target_key: user_name
load_userdata_new:
class:
OpenXPKI::Server::Workflow::Activity::Tools::Connector::GetValue
param:
mode: map
config_prefix: metadata.*user_ldap*
# _map_config_key: "[% context.cert_subject_parts.email %]"
# _map_config_key: "[% USE Certificate %][% Certificate.attr(
context.cert_identifier, 'meta_requestor').0 %]"
_map_config_key: "[% context.cert_identifier.meta_requestor %]"
# config_key: "[% context.cert_subject_parts.email %]"
attrmap: user_email -> mail, user_name -> displayName
...
---
my metadata.yaml:
---
...
connectors:
....
user_name:
class: Connector::Proxy::Net::LDAP::Simple
LOCATION: ldap://localhost:389
base: ou=people,dc=int,dc=npk,dc=ru
filter: (uid=[% ARGS.0 %])
attrs: displayName
user_mail:
class: Connector::Proxy::Net::LDAP::Simple
LOCATION: ldap://localhost:389
base: ou=people,dc=int,dc=npk,dc=ru
filter: (uid=[% ARGS.0 %])
attrs: mail
*user_ldap*:
class: Connector::Proxy::Net::LDAP::*Single*
LOCATION: ldap://localhost:389
base: ou=people,dc=int,dc=npk,dc=ru
filter: (uid=[% ARGS.0 %])
attrs: mail, displayName
# attrs: mail, cn
...
---
03.11.2017 13:31, Oliver Welter пишет:
Hi,
for the encoding issue, please try the new 1.19 release. We changed
the serialization format which will hopefully catch those issues.
You have two options to map the LDAP data into the profile. If you
want to keep the input forms, prefill the "cert_subj_parts" hash using
the class OpenXPKI::Server::Workflow::Activity::Tools::SetContextHash
If you dont need the profile forms, you can replace the
"render_subject" activity with a hardcoded action to set the
"cert_subject" context value to the expected string (using
Tools::SetContext).
Oliver
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
