Hi Endi -
Thanks for letting me know about this. We have testing on PKI on our list of tasks as we finish up working on our ACME client. I will let you know what we find when we test.
Jesse Van Hill
Websphere Identity Management Architect & Dev Lead
WebSphere Application Server & Open Liberty
https://openliberty.io/
507-513-6234 jlvanhil@us.ibm.com
Endi Dewata ---06/29/2020 03:37:35 PM---Hi Jesse, I'd like to let you know that we have created a PKI ACME container that can
From: Endi Dewata <edewata@redhat.com>
To: Jesse L Van hill <jlvanhil@us.ibm.com>
Cc: pki-devel@redhat.com
Date: 06/29/2020 03:37 PM
Subject: [EXTERNAL] Re: [Pki-devel] ACME Support: Error issuing certificate
Hi Jesse,
I'd like to let you know that we have created a PKI ACME container that can be
deployed much more easily on Podman or OpenShift:
https://github.com/dogtagpki/pki/blob/master/docs/installation/acme/Deploying_ACME_on_Podman.md
https://github.com/dogtagpki/pki/blob/master/docs/installation/acme/Deploying_ACME_on_OpenShift.md
By default the container will generate a self-signed CA signing certificate and use
an ephemeral database, but you can configure it with a permanent certificate and
persistent database.
We've also set up a demo instance that you can try:
https://acme.demo.dogtagpki.org/acme/directory
Just let me know if you have any questions. Thanks!
--
Endi S. Dewata
On Tue, Jun 2, 2020 at 8:35 AM Jesse L Van hill <jlvanhil@us.ibm.com> wrote:
Hi Endi -
Unfortunately, customer issues have kept me from pursuing this further. I or one of my team still intends on doing so. I will be sure to let you know when I have tested.
Jesse Van Hill
Websphere Identity Management Architect & Dev Lead
WebSphere Application Server & Open Liberty
https://openliberty.io/
507-513-6234 jlvanhil@us.ibm.com
Endi Sukma Dewata ---06/01/2020 10:42:43 PM-------- Original Message ----- > > Hi -
From: Endi Sukma Dewata <edewata@redhat.com>
To: Jesse L Van hill <jlvanhil@us.ibm.com>
Cc: pki-devel@redhat.com
Date: 06/01/2020 10:42 PM
Subject: [EXTERNAL] Re: [Pki-devel] ACME Support: Error issuing certificate
Hi Jesse,
I was just wondering if you managed to test against the ACME server.
FYI, we're working on adding an embedded CA into the ACME server so
it can be containerized more easily without dependency on a separate
CA. Hopefully we will have something usable by the end of the month.
--
Endi S. Dewata