Hi Oliver. Thanks for letting me know. We have discovered that it is not as straightforward as OPENSSL.
2023年9月26日(火) 15:36 Oliver Welter <[email protected]>: > Hi, > > OpenXPKI does not provide a command line tool to sign certificates - > anything in OpenXPKI is backed by a workflow, you can in theory run a > workflow directly from the console using "openxpkicmd" but this will not > help you without having developed a suitable workflow for this matter. If > you want to automate things, I would suggest to use the RPC interface which > is documented quite well on the RTD pages. > > Oliver > On 26.09.23 03:21, 中島元晴 wrote: > > Hello. > > I am new to OpenXpki, and I have followed the instructions on this page ( > https://openxpki.readthedocs.io/en/latest/quickstart.html#debian-builds) > to build it to the point where it functions in a web browser. > > I would like to replace the shell script that creates client certificates > with OpenSSL with OpenXpki. > > > =============================================================================================================== > #! /bin/bash > > COMMON_NAME="$1" > > mkdir -p "/etc/ssl/client/$COMMON_NAME" > cd "/etc/ssl/client/$COMMON_NAME" > > DAYS=730 > > openssl genrsa -out client.key 2048 > openssl req -new -key client.key -out client.csr -subj > "/CN=$COMMON_NAME/O=XXXX./ST=XXX/C=XX" > > openssl x509 -req -in client.csr -CA /etc/ssl/CA/cacert.pem -CAkey > /etc/ssl/CA/private/cakey.pem -CAcreateserial -out client.crt -days "$DAYS" > > cat client.key client.crt /etc/ssl/CA/cacert.pem | openssl pkcs12 -export > -out "$COMMON_NAME.p12" -passout pass:"$COMMON_NAME" > > rm -fr client*. > > =============================================================================================================== > > I have tried to execute the command for this purpose, but the client > certificate is not being created. > > For example: > openxpkiadm certificate sign --req client.csr --profile > /etc/openxpki/config.d/realm/CA/profile/default.yaml --out client.crt > > Could you please provide some guidance or advice on this matter? > > > > _______________________________________________ > OpenXPKI-users mailing > [email protected]https://lists.sourceforge.net/lists/listinfo/openxpki-users > > -- > Protect your environment - close windows and adopt a penguin! > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users >
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
