KRA Problem
by Tiago Magalhães
Hi, I installed ca and kra in the same tomcat instance, but when I try to
enroll a certificate using server-side Key generation, the following
message appears: "KRA Transport Certificate needs to be imported into the
CA nssdb for Server-Side Kegen Enrollment". Do you know how I can i fix
this?
Thanks for your attention
1 month, 1 week
- 3
- 2
KeyError: 'Output' when attempting to enroll certificate with python client
by stephen.briley@gmail.com
Hi, Im attempting to write a script in python using the dogtag-pki 10.7.4.1 module that allows for certificates to be programatically enrolled. I'm running dogtag-pki-10.10.6-1.fc34.x86_64 on a Fedora system. I'm unsuccessful and am getting an error "KeyError: 'Output'" when attempting to do so. Using the web ui, i'm able to successfully request and enroll certificates using the same client authentication certificate. Any ideas?
Script that i'm using:
import pki
import pki.client as …
[View More]client
import pki.encoder as encoder
import pki.profile as profile
import pki.cert as cert
scheme = 'https'
host = '192.168.114.130'
port = '8443'
subsystem = 'ca'
conn = client.PKIConnection(scheme, host, port, subsystem)
conn.set_authentication_cert('/home/sdb1031/ca_admin_cert.pem')
#profile_client = profile.ProfileClient(conn)
#profiles = profile_client.list_profiles(size=1000)
#for profile in profiles:
# print(profile.profile_id)
#profile = profile_client.get_profile('caServerCert')
#print(profile.profile_id)
cert_client = cert.CertClient(conn)
# enrol a certificate
print("Enrolling a server certificate")
print('------------------------------')
inputs = dict()
inputs['cert_request_type'] = 'pkcs10'
inputs['cert_request'] = 'MIIC2jCCAcQCAQAwZzFlMAkGA1UEAwwCcHkwDwYJKoZIhvcNAQkBEwJweTAJBgNV\r\nBAsTAnB5MAkGA1UEChMCcHkwCQYDVQQJEwJweTAJBgNVBAcTAnB5MAkGA1UECBMC\r\nRkwwBwYDVQQREwAwBwYDVQQGEwAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\r\nAoIBAQCXsRPBSDgeQQ0nTRzcuR4POs6NnEoGEly4zoWJJQn4qmn0mubuqq2DTxIu\r\n15d0V1XlzMLPsxbqGgmL3LxBRAqlbFZ8VIdS7bBGrZcqKZO9SGCVg9Btxrr/KMpn\r\nJ1wtI0ixFDvbBEJ8hO8RtjjkHe1jAcwox1if7/2xqOjAtO7w/XfmPX8c3i1VVNT4\r\n9tRrkNoiBLJhRJdOZy265FrGGe8TRpnnFcjQPPbylarEyCzVw9FexxK9HTfQdhyT\r\nK8qlnae1cBCzSTAvnHg1ChFvaL4S82zeCtjRR8nomqSKBqynRBC5n7UvrS8xR9ka\r\nYRKLtkKA8WJvGWOkpATMPRlHo/25AgMBAAGgMDAuBgkqhkiG9w0BCQ4xITAfMB0G\r\nA1UdDgQWBBT6aJzpLbfusEEYNWqnJTAMqHLbKjALBgkqhkiG9w0BAQsDggEBADWi\r\nVnrAJqOhpzwaTfw2P2xCPPtzlCQmPeOxq1jLI55uBYn8B3zqrKQAi/Ym2rh2t9Qy\r\nmHj15w7HwdYCzntzwMtsxJFqXcjfRWDh9Z9yFzaZo6xFBtB4Hr4F/NY79gBAz/U+\r\nTAXD9rkfXrAFNsYYtmLbdTQYyfR+P4F0nv23FUDEFq0nH4gWMciwgND2NTTTScJl\r\nxx889rhnc0ChiYKH2U1t7j837ZQHZfMVORD4xLMFSz5Xy5YnE7lhqSqmomGGE8R5\r\n25fEUtGh/mOX8x5q09X3
yLq2kUjxmMCsdPZdQK2J+uXkC6uRRCQmqqW7N2IDhTiP\r\nfZGrkbVf69vBpB29RUg='
inputs['requestor_name'] = 'Tester'
inputs['requestor_email'] = 'example(a)redhat.com'
inputs['requestor_phone'] = 'steve'
enrollment_results_2 = cert_client.enroll_cert('caServerCert', inputs)
Error received:
Traceback (most recent call last):
File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/home/sdb1031/.vscode/extensions/ms-python.python-2021.5.926500501/pythonFiles/lib/python/debugpy/__main__.py", line 45, in <module>
cli.main()
File "/home/sdb1031/.vscode/extensions/ms-python.python-2021.5.926500501/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 444, in main
run()
File "/home/sdb1031/.vscode/extensions/ms-python.python-2021.5.926500501/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 285, in run_file
runpy.run_path(target_as_str, run_name=compat.force_str("__main__"))
File "/usr/lib/python3.7/runpy.py", line 263, in run_path
pkg_name=pkg_name, script_name=fname)
File "/usr/lib/python3.7/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/home/sdb1031/Documents/dogtag-python.py", line 58, in <module>
enrollment_results_2 = cert_client.enroll_cert('caServerCert', inputs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/__init__.py", line 423, in handler
return fn_call(inst, *args, **kwargs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 1011, in enroll_cert
enroll_request = self.create_enrollment_request(profile_id, inputs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/__init__.py", line 423, in handler
return fn_call(inst, *args, **kwargs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 962, in create_enrollment_request
enrollment_template = self.get_enrollment_template(profile_id)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/__init__.py", line 423, in handler
return fn_call(inst, *args, **kwargs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 945, in get_enrollment_template
enrollment_template = CertEnrollmentRequest.from_json(r.json())
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 520, in from_json
outputs = attr_list['Output']
KeyError: 'Output'
[View Less]
3 years, 10 months
- 1
- 0
KeyError: 'Output' when attempting to enroll certificate with python client
by stephen.briley@gmail.com
Hello Everyone,
A few hours ago I installed Dogtag CA dogtag-pki-10.10.6-1.fc34.x86_64 on a Fedora 34 system for the first time. I would like to automate the enrollment of certificates using the python client for Dogtag using dogtag-pki 10.7.4.1. However, i am getting a KeyError:'Output message when I attempt to do this using the following code:
import pki
import pki.client as client
import pki.encoder as encoder
import pki.profile as profile
import pki.cert as cert
scheme = 'https'
host = '…
[View More]192.168.114.130'
port = '8443'
subsystem = 'ca'
conn = client.PKIConnection(scheme, host, port, subsystem)
conn.set_authentication_cert('/home/sdb1031/ca_admin_cert.pem')
cert_client = cert.CertClient(conn)
print("Enrolling a server certificate")
print('------------------------------')
inputs = dict()
inputs['cert_request_type'] = 'pkcs10'
inputs['cert_request'] = 'MIIC2jCCAcQCAQAwZzFlMAkGA1UEAwwCcHkwDwYJKoZIhvcNAQkBEwJweTAJBgNV\r\nBAsTAnB5MAkGA1UEChMCcHkwCQYDVQQJEwJweTAJBgNVBAcTAnB5MAkGA1UECBMC\r\nRkwwBwYDVQQREwAwBwYDVQQGEwAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\r\nAoIBAQCXsRPBSDgeQQ0nTRzcuR4POs6NnEoGEly4zoWJJQn4qmn0mubuqq2DTxIu\r\n15d0V1XlzMLPsxbqGgmL3LxBRAqlbFZ8VIdS7bBGrZcqKZO9SGCVg9Btxrr/KMpn\r\nJ1wtI0ixFDvbBEJ8hO8RtjjkHe1jAcwox1if7/2xqOjAtO7w/XfmPX8c3i1VVNT4\r\n9tRrkNoiBLJhRJdOZy265FrGGe8TRpnnFcjQPPbylarEyCzVw9FexxK9HTfQdhyT\r\nK8qlnae1cBCzSTAvnHg1ChFvaL4S82zeCtjRR8nomqSKBqynRBC5n7UvrS8xR9ka\r\nYRKLtkKA8WJvGWOkpATMPRlHo/25AgMBAAGgMDAuBgkqhkiG9w0BCQ4xITAfMB0G\r\nA1UdDgQWBBT6aJzpLbfusEEYNWqnJTAMqHLbKjALBgkqhkiG9w0BAQsDggEBADWi\r\nVnrAJqOhpzwaTfw2P2xCPPtzlCQmPeOxq1jLI55uBYn8B3zqrKQAi/Ym2rh2t9Qy\r\nmHj15w7HwdYCzntzwMtsxJFqXcjfRWDh9Z9yFzaZo6xFBtB4Hr4F/NY79gBAz/U+\r\nTAXD9rkfXrAFNsYYtmLbdTQYyfR+P4F0nv23FUDEFq0nH4gWMciwgND2NTTTScJl\r\nxx889rhnc0ChiYKH2U1t7j837ZQHZfMVORD4xLMFSz5Xy5YnE7lhqSqmomGGE8R5\r\n25fEUtGh/mOX8x5q09X3
yLq2kUjxmMCsdPZdQK2J+uXkC6uRRCQmqqW7N2IDhTiP\r\nfZGrkbVf69vBpB29RUg='
inputs['requestor_name'] = 'Tester'
inputs['requestor_email'] = 'example(a)redhat.com'
inputs['requestor_phone'] = 'steve'
enrollment_results_2 = cert_client.enroll_cert('caServerCert', inputs)
ERROR printed after running the script:
Traceback (most recent call last):
File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/home/sdb1031/.vscode/extensions/ms-python.python-2021.5.926500501/pythonFiles/lib/python/debugpy/__main__.py", line 45, in <module>
cli.main()
File "/home/sdb1031/.vscode/extensions/ms-python.python-2021.5.926500501/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 444, in main
run()
File "/home/sdb1031/.vscode/extensions/ms-python.python-2021.5.926500501/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 285, in run_file
runpy.run_path(target_as_str, run_name=compat.force_str("__main__"))
File "/usr/lib/python3.7/runpy.py", line 263, in run_path
pkg_name=pkg_name, script_name=fname)
File "/usr/lib/python3.7/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/home/sdb1031/dogtag-python.py", line 58, in <module>
enrollment_results_2 = cert_client.enroll_cert('caServerCert', inputs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/__init__.py", line 423, in handler
return fn_call(inst, *args, **kwargs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 1011, in enroll_cert
enroll_request = self.create_enrollment_request(profile_id, inputs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/__init__.py", line 423, in handler
return fn_call(inst, *args, **kwargs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 962, in create_enrollment_request
enrollment_template = self.get_enrollment_template(profile_id)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/__init__.py", line 423, in handler
return fn_call(inst, *args, **kwargs)
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 945, in get_enrollment_template
enrollment_template = CertEnrollmentRequest.from_json(r.json())
File "/home/sdb1031/.local/lib/python3.7/site-packages/pki/cert.py", line 520, in from_json
outputs = attr_list['Output']
KeyError: 'Output'
I don't think this is an authentication problem, since in the web UI, and am able to successfully enroll a certificate when authenticating with the ca_admin_client certificate (same cert as used in the script) and the functions for listing profiles are successful when using the python . Any ideas?
[View Less]
3 years, 10 months
- 1
- 0
- ← Newer
- 1
- Older →