Re: [OpenXPKI-users] sending request to 'http://[fd00:90:2690::135]:8080/scep/generic?operation=PKIOperation' did not receive a valid SCEP response: HTTP 500

Sat, 19 Apr 2025 23:18:30 -0700 

Hi Ed,
OpenXPKI does not like the PKCS10 request it gets - can you perhaps dump the payload and share it with us (or raise loglevel in OpenXPKI to grab it from the logs). 

Oliver

On 17.04.25 00:57, Jean-Baptiste, Edwige via OpenXPKI-users wrote:


HI,


I am trying to renew a certificate using the “—cert and –key” of the 
old certificate. I got an error, I am not quite sure why that is. Can 
someone help me out. Enrollment works fine.


This is my PKI command:


pki --scep --url 
http://[fd00:90:2690::135]:8080/scep/generic/pkiclient --cacert-enc 
/fdsk/scep/RA_CERT.pem --cacert-sig /fdsk/scep/CA_CERT-1.pem --cacert 
/fdsk/scep/CA_CERT.pem --in /fdsk/scep/vccap136-5-1Key.pem --san 
ad...@commscope.com --dn "C=US, ST=MA, L=Lowell, O=CommScope, 
OU=VCCAP, CN=ad...@commscope.com" --cert 
/fdsk/scep/old/vccap136-5-1.crt --key 
/fdsk/scep/old/vccap136-5-1Key.pem --password edwigejb --maxpolltime 
120 --outform pem > /fdsk/scep/vccap136-5-1.crt


I got this log in the debug response:

builder L0 CRED_CONTAINER - PKCS7_SIGNED_DATA of plugin 'pkcs7'

builder L1 CRED_CONTAINER - PKCS7_DATA of plugin 'pkcs7'

sending scep request to 'http://[fd00:90:2690::135]:8080/scep/generic'


  sending request to 
'http://[fd00:90:2690::135]:8080/scep/generic?operation=PKIOperation'...


did not receive a valid SCEP response: HTTP 500

croot@vccap136-5:/fdsk/scep#

This is my SCEP.log

2025/04/16 22:35:30 INF Input validation failed [pid=79|ep=generic]

2025/04/16 22:35:30 INF Failed fields: pkcs10 [pid=79|ep=generic]


2025/04/16 22:35:30 ERR Missing or invalid parameters: 
I18N_OPENXPKI_UI_VALIDATOR_FIELD_TYPE_INVALID


[pid=79|ep=generic]


2025/04/16 22:35:30 WAR Client error / malformed request: badRequest 
(internal code: 40004) [pid=79|ep=generic]


2025/04/16 22:36:09 INF SCEP handler initialized [pid=80|ep=[undef]]

2025/04/16 22:36:10 ERR I18N_OPENXPKI_UI_VALIDATOR_FIELD_TYPE_INVALID

Thanks,

Ed



_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users


--
Protect your environment -  close windows and adopt a penguin!

_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users






















					Reply via email to