Hi Eugene,
Thank you very much for the information. After reading your reply and
reviewing the PKI installation doc a few more times, it seems this is what
I need to do for that Provisioning Entry - Signing tab. I can use the
radius server certificate and private key, together with the pf PKI CA
(just the CA cert), to sign the OSX/IOS provisioning profile. I will give
it a try.
On Sat, Feb 3, 2018 at 6:19 PM, E.P. <[email protected]> wrote:
> Hi Yijie,
>
> I’ve spent some time with PKI as well trying to figure out how to make it
> work and deploy certificates.
>
> Have it currently inaccessible for the reason unknown to me yet, but as
> far as I remember the CA certificate is in *.PEM format and all you have to
> do is manually install it on the endpoint by allowing it installed in the
> default location, i.e. trusted certificate authority. You don’t need the
> private key for CA. Just start MMC, add certificates snapin and import this
> PEM file.
>
> On the contrary, you’d need *.PFX or *.P12 file for the RADIUS server
> itself that contains both the certificate and private key. And you do need
> the password to import it into an endpoint
>
>
>
> Eugene
>
>
>
> *From:* Yijie Li via PacketFence-users [mailto:packetfence-users@
> lists.sourceforge.net]
> *Sent:* Friday, February 02, 2018 1:50 PM
> *To:* [email protected]
> *Cc:* Yijie Li
> *Subject:* [PacketFence-users] Where is the packetfence PKI Certificate
> Authority private key file?
>
>
>
> Hi,
>
>
>
> Regarding this question, I searched the mailing list archive multiple
> times and have googled too. But did not find any solution there.
>
>
>
> I am in the process of configuring pf and pf PKI. Followed this
> instructuion https://packetfence.org/doc/PacketFence_PKI_Quick_Install_
> Guide.html. To add Apple devices provisioner profile, it seems I need to
> paste the PacketFence PKI CA certificate and private key into the
> configuration under Signing tab of Provisioning Entry. Under this
> folder /usr/local/packetfence-pki/ca/, I see the CA certificate file in
> pem format. But the private key file is not there. Tried some intensive
> search, but did not come up anything.
>
>
>
> Where is the pf PKI CA private key? and what is the private key password,
> if any? During CA initialization, there is no user input about where to
> save it, nor about the private key password.
>
>
>
>
>
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
