base64 CMC Request format
by Elliott William C OSS sIT
Hi all,
Can Dogtag (in this case v. 9.0.3-30.el6 ) be coerced into accepting base64-encoded CMC requests? Is there a parameter somewhere? Or would it require reprogramming?
We have a (smart-)card management system (runs under Windows) which sends the requests and expects the responses to both be base64 encoded.
Thanks and best regards,
William Elliott
s IT Solutions
Open System Services
8 years, 5 months
Dogtag 10.1 Question
by JACKSON, BOYD R
Hello everyone, does anyone on the list know where we can get answer for the questions below?
What’s the appropriate procedure(s) for generating SSL certificates on behalf of someone and/or only dogtag administrators generating the ssl certificate for users/clients?
How or can we edit the Certificate Profiles; For example, if we generate a certificate with private key archival like the Manual User Signing and Encryption Certificates Enrollment, we can do that as a caAdmin, then retrieve the private keys, and then save out a pkcs12 file that we could give to a client for importation into their browser without ever having someone other than a caAdmin use the dogtag server. Unfortunately, that profile is only generating a certificate for email. We need SSL. Then, how do we enable either a custom profile, or another profile that has the capabilities we would prefer?
Boyd Jackson
AT&T Government Solutions
Cell- 703-314-9173
Fax- 212-202-5261
10 years, 8 months
Exporting Keys from Database
by Jindrich Dolezal
hi,
im using dogtag 9.0. im trying to export the CA keys with the use of
PKCS12Export command. in the Deploy and Install guide there is command
to use:
PKCS12Export -debug -d /var/lib/{instance_name}/alias -w p12pwd.txt -p
internal.txt -o master.p12
where according to help
-p <file containing password for keydb> -w <file containing pkcs12
password> -o <output file for pkcs12>
but i always end up with:
PKCS12Export debug: PKCS12Export Exception:
org.mozilla.jss.util.IncorrectPasswordException
what is 'file containing password for keydb' and 'file containing pkcs12
password'?
i tried all combinations of passwords i used during the installation.
more over during the installation i was not asked for any password to
protect the keydb.
so my next question is: should the passwords be in special format, like
in base64, or more generally what passwords shall be used for this at all?
thanks
jd
</pre>****************************************************************************************<br>This email and any files transmitted with are confidential and intended solely for the<br>use of the individual or entity to whom they are addressed. If you have received this<br>email in error then please delete it and notify the sender. Do not make a copy or forward<br>it to anyone. This footnote also confirms that this email message has been swept for the<br>presence of computer viruses.<br><br>Adaptive Mobile Security Ltd, Ferry House, 48 Lower Mount Street, Dublin 2, Ireland<br>Directors: B. Collins, G. Maclachlan (UK), N. Grierson (UK), J. Ennis (UK), D. Summers (UK).<br>Registered in Ireland, Company No. 370343, VAT Reg.No.IE6390343O<br>****************************************************************************************</pre>
10 years, 9 months
Dogtag 10.1 User Documentation?
by JACKSON, BOYD R
Greetings all,
Does anyone on this mailing list know of any resources I could use that would show me the steps required to generate certificates using Dogtag 10.1? I have all of the Dogtag 10.1 components installed but looking for some insight on how to create, issue and manage client certificates that will be used for client authentication. The server that will be contacted has a Verisign issued certificate.
Boyd Jackson
AT&T Government Solutions
Cell- 703-314-9173
Fax- 212-202-5261
10 years, 9 months
