Hi Chris,
hm - you will also get this - very misleading - error if the backend
configuration can not be loaded at all, so can you please check if it
works without the profile parameter. This should then use the default
profile and work, if it does not work you have a problem with the
backend config.
Oliver
On 19.02.25 20:11, Chris via OpenXPKI-users wrote:
Hi,
I am using OpenXPKI Version 3.30.9 and i am trying to make RPC work, so far i
was able to search and revoke certificates but I am having some issue
Requesting certificate using a csr. I am sharing the Command and CSR generation
below, please let me know what I am missing. The command and error are as below:
openssl genpkey -algorithm RSA -out chris.key -pkeyopt rsa_keygen_bits:2048
openssl req -new -key chris.key -out chris.csr -subj
"/CN=chris.com/O=ChrisCorp/OU=IT Department/L=San
Francisco/ST=California/C=US/emailAddress=ch...@xyz.com"
root@debian:~/temp# curl -v -H "Content-Type: application/json" --data "{\"pkcs10\": \"$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' chris.csr | sed
':a;N;$!ba;s/\n/\\n/g' | sed 's/\"/\\"/g')\", \"profile\": \"tls_server\", \"comment\": \"Automated Request\", \"signature\":
\"\"}" --key /root/temp/pkiclient.key --cert /root/temp/pkiclient.crt --cacert /root/temp/cacert.crt
{"result":{"proc_state":"finished","id":8959,"data":{"transaction_id":"89518eeaa5d3e091a6616ffc72fdc5a26f2e06d1","error_code":"Invalid
Profile"},"pid":2187,"state":"FAILURE"}}
The error message indicates that the profile argument of your RPC call is invalid. If you are using the
unmodified community sample configuration, the profile mapping maps "tls-server" to the internal
profile "tls_server", so the former ("tls-server") in your command line instead.
Hi Martin,
Thanks for the response and help, Yes i am using the unmodified community sample
configuration, after updating the profile parameter to "tls-server" i am still
getting error, can you help me identify what i might be missing or doing wrong, I am
sharing the command and error below:
curl -v -H "Content-Type: application/json" --data "{\"pkcs10\": \"$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' chris.csr | sed ':a;N;$!ba;s/\n/\\n/g' | sed
's/\"/\\"/g')\", \"profile\": \"tls-server\", \"comment\": \"Automated Request\", \"signature\": \"\"}" --key
/root/temp/pkiclient.key --cert /root/temp/pkiclient.crt --cacert
{"result":{"data":{"error_code":"Invalid
Profile","transaction_id":"cd8c604068caa2b595212d4807c3e7e67ecd1424"},"state":"FAILURE","proc_state":"finished","id":9215,"pid":2057}}
BR,
Chris
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
