Re: [Pki-users] anyone had a challenge getting crts to publish to the file system?
On 02/20/2011 01:26 AM, Dave Augustus wrote:
I have a brand new install on Centos 5.5 64.
I can't get it to publish certs to the file system, only LDAP. In pkiconsole, when I
first
access the Publishing area, I get an error message about not being authorized. I am
using
the CA admin account to do this.
Dave,
It'd be more helpful here, if you can provide the log info(CA debug log ideally) when
you
see this.
Any ideas?
Though I'm not sure at this point what's blocking you, however I was able to
previously
publish Certs(and CRLs) to file system successfully using below procedure:
---------------------------------------------------------------------------------------
1/ Configure CA
2/ Fire up pkiconsole, go to 'Publishing'
3/ Configure a filebased 'Publisher'
+ Add a 'FileBasedPublisher'(say with id 'filepub') with a directory
'/var/lib/pki-ca/filepublishing'
Note:Ensure to create this directory 'filepublishing' under /var/lib/pki* tree, so
that
SELinux doesn't complain. If you're creating this directory elsewhere on the file
system,
be sure to relabel your SELinux context
4/ Configure 'Rules'
+ Add a new 'Rule'(say "filerule") and select the type as
'certs' , mapper as 'NoMap'
and publisher as 'filepub'(the one we created in step 3 above)
5/ Enable Publshing in pkiconsole
6/ Restart CA instance (do not miss this)
----------------------------------------------------------------------------------------
Now, new certs should be published to your 'var/lib/pki-ca/filepublishing'
directory.
hope that helps.
Thanks,
Dave
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
--
/kashyap