Hi, good afternoon. I hope this email finds you well.
I am trying to enable the SCEP using the userGuide. I have followed all the steps and also configured sscep using its guide. I am able to execute the following command and get the certificates from this url : ./sscep getca -c tmp/cacert -u http://localhost/scep/scep However, when I try to enrol using this command mentioned on the userGuide I get the following error. command: ./sscep enroll -u http://localhost/scep/scep \ -k tmp/scep-test.key -r tmp/scep-test.csr \ -c tmp/cacert-0 \ -l tmp/scep-test.crt \ -t 10 -n 1 Error: ./sscep: sending certificate request ./sscep: valid response from server ./sscep: reply transaction id: 358D0C34F7DB43DF0E6957E89CCE6D17 ./sscep: pkistatus: FAILURE ./sscep: reason: Transaction not permitted or supported I get this from scep.log: 2024/07/26 08:50:39 ERR Request was rejected: I18N_OPENXPKI_UI_INVALID_PROFILE [pid=11670|ep=scep] 2024/07/26 08:50:39 WAR Client error / malformed request: badRequest (internal code: 40006) [pid=11670|ep=scep] catchcall.log: 2024/07/26 08:50:39 OpenXPKI.Server.Workflow.Condition.KeyParams.ERROR configuration_error exception thrown from [OpenXPKI::Server::Workflow::Condition::KeyParams: 40; before: OpenXPKI::Server::Workflow::Condition: 53]: You must pass either the profile name or the key_rules directly [pid=18801|user=Anonymous|role=System|sid=8IGh|wftype=certificate_enroll|wfid=5375|pki_realm=democa] 2024/07/26 08:58:28 openxpki.application.INFO Purged 3 expired sessions [pid=18383|sid=vUzz|pki_realm=democa] Error from the ui: Error Code............................................................Invalid Profile I have checked a number of related issues but they haven't suggested a solution suitable for my problem. e.g. https://www.mail-archive.com/openxpki-users@lists.sourceforge.net/msg02780.html It is suggested to change the url. I also tired the process with ./scep/generic but still have the same a similar problem. Error from scep.log: 2024/07/26 10:22:27 ERR Request was rejected: I18N_OPENXPKI_UI_ENROLLMENT_ERROR_SUBJECT_INVALID [pid=11670|ep=generic] 2024/07/26 10:22:27 WAR Client error / malformed request: badRequest (internal code: 40006) [pid=11670|ep=generic] Error from the cli: ./sscep: sending certificate request ./sscep: valid response from server ./sscep: reply transaction id: B423F1066D55B60ACDB313950658A5A1 ./sscep: pkistatus: FAILURE ./sscep: reason: Transaction not permitted or supported >From the ui: Error Code...........................................................Subject is invalid Can u please guide me on how I can fix this? Regards, Romina
_______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
