Support for XKMS in Dogtag Certificate System
by Cyril Dangerville
Hello,
does Dogtag support XKMS (W3C XML Key Management Specification)? If not,
is it in the roadmap? What priority?
Thanks for any tip.
regards
--
Cyril Dangerville
15 years, 8 months
Dir based enrollment question
by Veale, Sean
Is this bug fixed in the redhat 8.0 CS Alpha release?
https://bugzilla.redhat.com/show_bug.cgi?id=487592
It seems I'm still running into it where when I set up the system for
directary based enrollment the attributes are not being filled in.
I.e. I'll see the tag $request.mail$ for the subject alt name in the
cert instead of the users email address.
I'm attaching a zip of the tps/ca CS.cfg the profile I am trying this
with, the debug logs of the tps and ca subsystems and the access log of
the dir srv instance.
<<PropertiesFromLdap.zip>>
sean
15 years, 9 months
Dogtag/Red Hat Certificate System End-Entity's Guide
by Cyril DANGERVILLE
Hello,
I am unable to find the /Red Hat Certificate System End-Entity's Guide
/(Provides detailed reference information on RHCS end-entity
interfaces) on my Dogtag/RCHCS v7.3 instance.
RHCS 7.1 release notes read "To access this information, click the
help button from one of the End-Entity Services pages."
But no mention of it in RHCS v7.3 doc, and I can't even find the Help
button on the End Entity Services page.
Am I missing something?
regards,
Cyril Dangerville
15 years, 9 months
Using a something other then the default schema for directory based enrollment?
by Veale, Sean
Has anyone able to implement directory base enrollment using their own
custom schema for the LDAP directory? I.e. either direving from the
default one (person is the object class I think) or their own entirelly.
I would like do this, but have been running into problems durning the
enrollment process. This is using the 8.0 alpha build of the CS but I
imagine the dogtag works the same.
I'm attching my TPS and CA configs and Tps-debug log if someone see's a
problem with the configuration.
Thanks
Sean
<<ca-cs.cfg>> <<Tps-debug.log>> <<tps-cs.cfg>>
15 years, 9 months
Format for specifing subject in a profile
by Veale, Sean
Is the following the correct format for
1) pulling the common name from the directory server assuming support
for doing so has been set up in the CA's CS.cfg.
2) Specifing the ou, o and c as parts of the subject?
policyset.IDUserSet.1.default.params.dnpattern=cn=$request.auth_token.cn
[0]$, ou=const1,ou=const2,ou=const3,O=const4,C=const5
If the common name is Sean.Veale the goal is so the subject looks like
CN=Sean.Veale
OU=const1
OU=const2
OU=const3
O=const4
C=const5
Thanks
Sean
15 years, 9 months
