Hi Mukilan,
if you look at the workflow history you will very likely see the output
of a crashed OpenSSL command. The OpenXPKI default backend uses the
openssl binary to sign CSRs and this does not work if the PCKS10
container is not properly formated/signed.
We had such a problem at a customer installation some time ago with
broken appliances and ended up with a patched version of OpenSSL doing
the job.
best regards
Oliver
On 15.11.22 13:59, Mukilan P via OpenXPKI-users wrote:
Hi Experts,
This is further to the above query. I changed the value
verify_signature to 0 in workflow/global/validator/pkcs10_valid.yaml
like below, but getting 'PREPARED' status instead of SUCCESS
class: OpenXPKI::Server::Workflow::Validator::PKCS10
param:
empty_subject: 1
verify_signature: 0
arg:
- $pkcs10
On Tuesday, 15 November, 2022 at 12:29:57 pm GMT+1, Mukilan P via
OpenXPKI-users <[email protected]> wrote:
Hi Experts,
Is there any way to disable pkcs10 signature verification as part of
enroll/renewal in OpenXPKI?
Thanks in advance.
Regards,
Mukilan
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
