Hey Hajo, I know it's not the answer you need but could you possibly help me set up at Certmonger. I tried it but it didn't work. If you would agree, I would write to you on your email. Best regards Danakiran Ali
Hans-Joachim Passon <h.pas...@uni-assist.de> schrieb am Mi. 25. Sept. 2024 um 18:34: > Hello, > > > I'm trying to get certificates from an OpenXPKI-Instance via certmonger > and scep. > > Finally most steps work but now I'm stuck: > > - certmonger gets information about the ca (getcert add-scep-ca ...) - > WORKS AS EXPECTED > - certmonger generates a request and sends it to CA - WORKS AS EXPECTED > - CA looks up profile - WORKS AS EXPECTED > - CA calculates eligibility - WORKS AS EXPECTED > - CA generates workflow for the approval - WORKS AS EXPECTED > - CA decides not to approve automaticaly because of missing expected > approval points - WORKS AS EXPECTED > - raop can see and manage the workflow - WORKS AS EXPECTED > - CA generates an error > code I18N_OPENXPKI_UI_ENROLLMENT_ERROR_NOT_APPROVED and the scep interface > sends out a html page with error code 400 > > The last step seems like a bug to me. Because of the error, certmonger > cannot know that certificate approval is pending. Therefore if I try a > refresh in certmonger it does not poll for the state of the pending > certificate but tries to submit the request again as an initial request. > > > Did anyone manage to use certmonger and OpenXPKI/scep with a workflow on > initial requests that requires manual approval? > > > I'm using OpenXPKI 3.30.3 and certmonger 0.79.14+git20211010-2ubuntu1.1 > (this version contains a patch that lets certmonger work with openssl 3 and > is prt of jammy-proposed). > > > Cheers > > > Hajo > _______________________________________________ > OpenXPKI-users mailing list > OpenXPKI-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openxpki-users >
_______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
