Am 07.08.24 um 21:34 schrieb Andreas Piesk:
Hi list,
I tried scep getcrl against the demosite but it didn't work:
abc.crt and abc.key have been generated on demo.openxpki.org beforehand.
root@pki:~/sscep-0.10.0# openssl x509 -noout -subject -in CA.pem-0
subject=CN = oxi-ce-demo.rackport.net:scep-ra
root@pki:~/sscep-0.10.0# ./sscep getcrl -u http://demo.openxpki.org/scep/test
-c CA.pem-0 -l abc.crt -w bla -k abc.key -v
./sscep: starting sscep, version 0.10.0
./sscep: new transaction
./sscep: transaction id: SSCEP transactionId
./sscep: hostname: demo.openxpki.org
./sscep: directory: scep/test
./sscep: port: 80
./sscep: SCEP_OPERATION_GETCAPS
./sscep: connecting to demo.openxpki.org:80
./sscep: server response status code: 200, MIME header: text/plain
Renewal
POSTPKIOperation
SHA-512
SHA-384
SHA-256
SHA-224
SHA-1
DES3
AES
./sscep: SCEP_OPERATION_GETCRL
./sscep: requesting crl
./sscep: request data dump
./sscep: data payload size: 69 bytes
./sscep: successfully encrypted payload
./sscep: envelope size: 682 bytes
./sscep: creating outer PKCS#7
./sscep: PKCS#7 data written successfully
./sscep: payload size: 3142 bytes
./sscep: connecting to demo.openxpki.org:80
./sscep: server response status code: 500, MIME header: text/html
./sscep: wrong (or missing) MIME content type
./sscep: error while sending message
Should it work? Do I holding it wrong or is it an issue on the demosite?
I tested it on my demo setup and got these messages:
==> /var/log/openxpki/scep.log <==
2024/08/08 07:38:28 INF SCEP handler initialized [pid=20097|ep=[undef]]
==> /var/log/openxpki/openxpki.log <==
2024/08/08 07:38:28 INFO Login successful (user: Anonymous, role: System)
[pid=20098|sid=dqOi|pki_realm=democa]
==> /var/log/openxpki/catchall.log <==
2024/08/08 07:38:28 openxpki.auth.INFO Login successful (user: Anonymous, role:
System) [pid=20098|sid=dqOi|pki_realm=democa]
==> /var/log/openxpki/openxpki.log <==
2024/08/08 07:38:28 INFO Login successful (user: Anonymous, role: System)
[pid=20099|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/catchall.log <==
2024/08/08 07:38:28 openxpki.auth.INFO Login successful (user: Anonymous, role:
System) [pid=20099|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/openxpki.log <==
2024/08/08 07:38:28 FATAL Unable to serialize HASH
[pid=20099|user=Anonymous|role=System|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/catchall.log <==
2024/08/08 07:38:28 openxpki.system.FATAL Unable to serialize HASH
[pid=20099|user=Anonymous|role=System|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/openxpki.log <==
2024/08/08 07:38:28 ERROR Unable to serialize
[pid=20099|user=Anonymous|role=System|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/catchall.log <==
2024/08/08 07:38:28 openxpki.system.ERROR Unable to serialize
[pid=20099|user=Anonymous|role=System|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/openxpki.log <==
2024/08/08 07:38:28 FATAL Uncaught exception: Unable to serialize
[pid=20099|user=Anonymous|role=System|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/catchall.log <==
2024/08/08 07:38:28 openxpki.system.FATAL Uncaught exception: Unable to
serialize [pid=20099|user=Anonymous|role=System|sid=m74s|pki_realm=democa]
==> /var/log/openxpki/scep.log <==
2024/08/08 07:38:28 ERR
I18N_OPENXPKI_TRANSPORT_SIMPLE_CLIENT_READ_CLOSED_CONNECTION [pid=20097|ep=scep]
2024/08/08 07:38:28 ERR Unable to initialize endpoint parameters
[pid=20097|ep=scep]
I guess, "Unable to serialize HASH" is the real issue. Any hints what went
wrong?
Best,
-ap
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
