Hi Oliver, You are absolutely right, RA Operator can do anything. It was me that playing around slipped some lines into CA Operator mistakenly.
Thank you, Carlos Oliver Welter escribió el 19/08/2021 a las 17:47:
Hi, no Mutlirole is not supported but you do not need the CA Operator at all, the RA Operator role can do anything. Oliver Am 19.08.21 um 12:47 schrieb Carlos Velasco:Hello, I am newbie in Openxpki. I just installed v3.12 and testing it. As this is mainly for my personal usage I got a bit tired of continuously login/logout between CA Operator and RA Operator, so I thought that adding the two roles to the user in handler.yaml would work: TestAccounts: type: Password user: caop: digest: "{ssha}..." role: RA Operator,CA Operator And yes, it works for the menus, but doesn't work at all for the operations. Webui show errors like "Unable to load workflow information", and openxpki logs show errors too: catchall[539787]: 2021/08/19 10:10:54 openxpki.auth.INFO Login successful (user: caop, role: RA Operator,CA Operator) [pid=539787|sid=luLD] catchall[539787]: 2021/08/19 10:10:59 openxpki.system.ERROR I18N_OPENXPKI_UI_WORKFLOW_CREATE_NOT_ALLOWED; __REALM__ => democa, __ROLE__ => RA Operator,CA Operator, __WF_TYPE__ => certificate_signing_request_v2 [pid=539787|sid=luLD] catchall[539787]: 2021/08/19 10:10:59 openxpki.system.WARN I18N_OPENXPKI_UI_WORKFLOW_CREATE_NOT_ALLOWED; __REALM__ => democa, __ROLE__ => RA Operator,CA Operator, __WF_TYPE__ => certificate_signing_request_v2 [pid=539787|sid=luLD] catchall[539787]: 2021/08/19 10:10:59 openxpki.system.ERROR User is not authorized to fetch workflow info; __type__ => certificate_signing_request_v2 [pid=539787|sid=luLD] So, I suppose multiple roles for 1 user is not the way to go. How can I create 1 user with access to RA and CA interfaces and functionality? Regards, Carlos Velasco _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users-- Protect your environment - close windows and adopt a penguin! _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
