Hi everyone, I am using OpenXPKI 2.0.3 on Debian 8.11.
Using SCEP I try to enroll device certificates to my debian clients, which are members of a samba4 domain. Due to this all clients already have a kerberos client token available. In documentations I can find that workflow context "valid_kerb_authen" indicates "Request was authenticated using kerberos (not implemented yet)". Additionally I see that the documentation for "The workflow context" is "outdated - needs adjustment for new workflow". ( https://openxpki.readthedocs.io/en/latest/reference/configuration/workflows/scep.html?highlight=kerberos#the-workflow-context ) My questions due to this are: Is the "valid_kerb_authen" available in meantime (since documentation is outdated)? Can this flag be used to auto approve the initial enrollment of client certificates? - If yes, is there some documentation / experience how this can be accomplished? Thanks to everyone for your feedback.
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
