Re: [PacketFence-users] Where is the packetfence PKI Certificate Authority private key file?

Sat, 03 Feb 2018 18:31:07 -0800 

Hi Yijie,

I’ve spent some time with PKI as well trying to figure out how to make it work 
and deploy certificates.

Have it currently inaccessible for the reason unknown to me yet, but as far as 
I remember the CA certificate is in *.PEM format and all you have to do is 
manually install it on the endpoint by allowing it installed in the default 
location, i.e. trusted certificate authority. You don’t need the private key 
for CA. Just start MMC, add certificates snapin and import this PEM file.

On the contrary, you’d need *.PFX or *.P12 file for the RADIUS server itself 
that contains both the certificate and private key. And you do need the 
password to import it into an endpoint

 

Eugene

 

From: Yijie Li via PacketFence-users 
[mailto:[email protected]] 
Sent: Friday, February 02, 2018 1:50 PM
To: [email protected]
Cc: Yijie Li
Subject: [PacketFence-users] Where is the packetfence PKI Certificate Authority 
private key file?

 

Hi,

 

Regarding this question, I searched the mailing list archive multiple times and 
have googled too. But did not find any solution there.

 

I am in the process of configuring pf and pf PKI. Followed this instructuion 
https://packetfence.org/doc/PacketFence_PKI_Quick_Install_Guide.html. To add 
Apple devices provisioner profile, it seems I need to paste the PacketFence PKI 
CA certificate and private key into the configuration under Signing tab of 
Provisioning Entry. Under this folder /usr/local/packetfence-pki/ca/, I see the 
CA certificate file in pem format. But the private key file is not there. Tried 
some intensive search, but did not come up anything.

 

Where is the pf PKI CA private key? and what is the private key password, if 
any? During CA initialization, there is no user input about where to save it, 
nor about the private key password.

 

 

 


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to