Hello everyone, does anyone on the list know where we can get answer for the questions below?

 

 

 

What’s the appropriate procedure(s) for generating SSL certificates on behalf of someone and/or only dogtag administrators generating the ssl certificate for users/clients?

 

How or can we edit the Certificate Profiles;  For example, if we generate a certificate with private key archival like the Manual User Signing and Encryption Certificates Enrollment, we can do that as a caAdmin, then retrieve the private keys, and then save out a pkcs12 file that we could give to a client for importation into their browser without ever having someone other than a caAdmin use the dogtag server.   Unfortunately, that profile is only generating a certificate for email.  We need SSL.    Then, how do we enable either a custom profile, or another profile that has the capabilities we would prefer?

 

 

 

Boyd Jackson

AT&T Government Solutions

Cell- 703-314-9173

Fax- 212-202-5261