Re: [OpenXPKI-users] How is an OpenXPKI generated private key exported?
On Wed, April 17, 2024 05:29, Martin Bartosch wrote: > James, > >> My question was imprecise. I had in mind a batch/cli type solution. After >> further research this is what I am attempting to use. > >> openxpkicli --realm=hll_ca2016 get_private_key_for_cert \ >> --param identifier='Lik1K_AGi-RDqOiNxjmptAh-4-w' \ >> --param password='F990NCtO' \ >> --param passout='' \ >> --param nopassword=TRUE \ >> --param format=PKCS8_PEM >> Error: Error while executing API command >>Attribute (identifier) is required > > Retry using --arg instead of --param. > > Cheers > > Martin > > Thank you. -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Unencrypted messages have no legal claim to privacy Do NOT open attachments nor follow links sent by e-Mail James B. Byrnemailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
Re: [OpenXPKI-users] How is an OpenXPKI generated private key exported?
James, > My question was imprecise. I had in mind a batch/cli type solution. After > further research this is what I am attempting to use. > openxpkicli --realm=hll_ca2016 get_private_key_for_cert \ > --param identifier='Lik1K_AGi-RDqOiNxjmptAh-4-w' \ > --param password='F990NCtO' \ > --param passout='' \ > --param nopassword=TRUE \ > --param format=PKCS8_PEM > Error: Error while executing API command >Attribute (identifier) is required Retry using --arg instead of --param. Cheers Martin ___ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
Re: [OpenXPKI-users] How is an OpenXPKI generated private key exported?
On Mon, April 15, 2024 14:12, Martin Bartosch wrote: > James, > >> I created csr where the option to create a private key was selected. How is >> the private key created for this csr exported from openxpki? > > Click on the Certificate. Choose Action -> "Download private key/keystore > (PKCS12/PKCS8/Java)" > My question was imprecise. I had in mind a batch/cli type solution. After further research this is what I am attempting to use. openxpkicli --realm hll_ca2016 get_private_key_for_cert --help get_private_key_for_cert returns an ecrypted private key for a certificate if the private key was generated on the CA during the certificate request process. Parameters are the same as for (convert_private_key) except that (private_key) must not be passed but is read from the datapool and (cert_identifier) is mandatory. convert_private_key expects a private key and converts it into another format. If a bundle with certificates is requested (PKCS12, JKS), the certificate to use as the end entity certificate must be given via (identifier) or as first element of (chain) openxpkicli --realm=hll_ca2016 get_private_key_for_cert \ --param identifier='Lik1K_AGi-RDqOiNxjmptAh-4-w' \ --param password='F990NCtO' \ --param passout='' \ --param nopassword=TRUE \ --param format=PKCS8_PEM Error: Error while executing API command Attribute (identifier) is required openxpkicli --realm=hll_ca2016 get_private_key_for_cert \ --param cert_identifier='Lik1K_AGi-RDqOiNxjmptAh-4-w' \ --param password='F990NCtO' \ --param passout='' \ --param nopassword=TRUE \ --param format=PKCS8_PEM Error: Error while executing API command Attribute (identifier) is required What is wrong with the identifier attribute? For what it is worth I find that using two different names for the same thing a bit confusing, if indeed 'cert_identifier' and 'identifier' do refer to the same thing. Your help is appreciated. Thank you. ___ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
Re: [OpenXPKI-users] How is an OpenXPKI generated private key exported?
James, > I created csr where the option to create a private key was selected. How is > the private key created for this csr exported from openxpki? Click on the Certificate. Choose Action -> "Download private key/keystore (PKCS12/PKCS8/Java)" Martin ___ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
[OpenXPKI-users] How is an OpenXPKI generated private key exported?
I created csr where the option to create a private key was selected. How is the private key created for this csr exported from openxpki? -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Unencrypted messages have no legal claim to privacy Do NOT open attachments nor follow links sent by e-Mail James B. Byrnemailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users