Hi Christina,
Sorry for the confusion. Let me rephrase the steps
below if it is supported:
- Generate private key and CSR for intermediate CA using
openssl
- Submit the CSR to external CA (Ex: Symantec) for
signing
- Receive the signed certificate from CA
- Setup DogTag with the private key (generated in step
#1) and intermediate CA certificate (acquired in step
#3)
I’m hoping this approach allows me to perform step 1-3
once and then setup DogTag as many times I need using the
existing private key and certificate on any host.
Please let me know if you need further clarification.
Thanks,
Mahendra
On 06/25/2015 11:23 AM,
Jain, Mahendra wrote:
Hi,
I’ve DogTag
10.1.2 setup with externally signed CA
(using the steps
outline in the link below) and the setup
works perfectly fine:
I would like to know if DogTag
also supports configuring externally acquired
private key and certificate.
In other words, If I generate
the private key and CSR using openssl and submit
CSR to CA for certificate.
Once the CA issued the
certificate, I would like to setup DogTag using
the existing private key (created using openssl) and certificate.
Hi, I'm sorry I read your questions a few times and
I'm not certain what you wish to do. What would you
like to use this certificate for? For example, is
this an SSL server cert, or CA signing cert? etc. And
you mean in another new Dogtag instance, or are you
talking about replacing certain system cert of the CA
you just set up?
“This message (including any
attachments) is intended only for the use of the
individual or entity to which it is addressed,
and may contain information that is non-public,
proprietary, privileged, confidential and exempt
from disclosure under applicable law or may be
constituted as attorney work product. If you are
not the intended recipient, you are hereby
notified that any use, dissemination,
distribution, or copying of this communication
is strictly prohibited. If you have received
this message in error, notify sender immediately
and delete this message immediately.”
_______________________________________________
Pki-users mailing list
Pki-users@redhat.comhttps://www.redhat.com/mailman/listinfo/pki-users