Re: [Pki-users] Dogtag autoenrollment from an embedded Linux device

We have been testing pki-ra-1.2.0-2 on Fedora 11 via SSCEP as a possible solution. Our problem is that we need to be able to automatically deploy certificates to thousands of embedded Linux devices, each equipped with a common initial shared-secret or cert. Each needs to be able to enroll, recover an initial individual cert based on the system's serial number, and renew the cert... all over a dial-up connection. SSCEP seems to be falling out of the solution based on the requirement for one-time PINs and manual approval of the requests. Although the web interface works beautifully, we can't seem to get SSCEP working. We've looked at the CMCEnroll tool, but that requires Java which is not part of the embedded software. This is an embedded flash rom based system that does not have the memory available. Any suggestions? I'd hate to have to cave-in to those that want a Microsoft solution. Craig Zeller <czeller(a)sjm.com&gt; This communication, including any attachments, may contain information that is proprietary, privileged, confidential or legally exempt from disclosure. If you are not a named addressee, you are hereby notified that you are not authorized to read, print, retain a copy of or disseminate any portion of this communication without the consent of the sender and that doing so may be unlawful. If you have received this communication in error, please immediately notify the sender via return e-mail and delete it from your system. _______________________________________________ Pki-users mailing list Pki-users(a)redhat.com https://www.redhat.com/mailman/listinfo/pki-users