Hello,
I do not really understand what you are trying to achieve - if you need
to issue certificates with OpenXPKI using a cross-signed Issuing CA this
is possible, as the creation of the issuing certificate is done outside
of OpenXPKI.
If you want to use OpenXPKI to sign other subca certificates "on the
fly", this is also possible but this has nothing to do with cross
signing as the certificates are signed by the used OpenXPKI CA (which
can of course be cross-signed by some other CA).
Oliver
On 06.02.25 03:23, ksuz...@designet.co.jp wrote:
Regarding the title, OpenXPKI can issue certificates with the Openssl
command.
I think there is no problem because OpenXPKI can issue certificates
using the Openssl command, but please check just to be sure.
What we would like to do is to use Trend Micro's web scanning system.
SSL server certificate is required for SSL inspection.
This time, we will use Trend Micro's local CA.
In this case, we need to create a cross-signed certificate between
Trend Micro's local CA and our own CA.
The procedure is as follows.
The procedure is as follows
https://docs.trendmicro.com/ja-jp/documentation/article/trend-vision-one-cross-signing-ca-certificate
Please check if the command in item 10 of the procedure is possible.
openssl ca -batch -config myca.conf -notext -days 7320 -in iag_ca.csr
-out
iag_ca.cer
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
