Hello Oliver ups this was a typo But no badly this is it not... [cid:[email protected]]
Von: Oliver Welter <[email protected]> Gesendet: Mittwoch, 9. Juni 2021 10:37 An: [email protected] Betreff: Re: [OpenXPKI-users] Private Key missmatch Hi Elias, the alias command says "--realm docscf" while you set "--realm democa" for the "is_token_usable" call. Is this a typo or might this be the problem already ;) Oliver Am 09.06.21 um 09:49 schrieb Steiner Elias SBB CFF FFS via OpenXPKI-users: Hello I have the follwoing problem: The ca certificate is not getting online in the openxpki. For the private key I used the same Password as DataVault and saved it to the crypto.yaml The import of the certificate looks good: Input: openxpkiadm alias --realm docscf --token certsign --file ca/subca.cert -key ca/privkey_subca.pem Output: Successfully wrote key to datapool with key 'ca-signer-1' Successfully wrote alias: Alias : ca-signer-1 Identifier: -VqlqCwcePkgAk_gbWmQN4EL6A0 NotBefore : 2021-06-08 13:43:49 NotAfter : 2027-06-07 13:43:49 Token is certsign, looking for root... Creating alias for root ca: Alias : root-1 Identifier: -VqlqCwcePkgAk_gbWmQN4EL6A0 NotBefore : 2021-06-08 13:43:49 NotAfter : 2027-06-07 13:43:49 But: openxpkicli is_token_usable --realm=democa --arg alias=ca-signer-1 returns <undef> As I understand the privat key will be saved in de vault and has not to be at local/keys/docscf/ but sure I also tried this. Is there a step I miss? Elias Elias Steiner SBB AG Informatik / CYBER Poststrasse 6 - Ostermundigen, 3000 Bern 65 Mobil +41 77 257 07 03 [email protected]<mailto:[email protected]> / www.sbb.ch<http://www.sbb.ch> _______________________________________________ OpenXPKI-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/openxpki-users -- Protect your environment - close windows and adopt a penguin!
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
