pki -c
Secret.123
-n "
PKI Administrator for localhost.localdomain
" ca-cert-request-review
40
--action
approve
yes, it works by having SSL client authentication for an "agent" user, or LDAP basic authentication (without or with a pre-defined pin), or CMC:example for SSL server cert, look at the profile caAgentServerCert.cfgexample for SSL server cert using CMC, seefor end user cert, examples with caDirPinUserCert.cfg , caDirUserCert.cfgfrom the pki command line with LDAP basic authentication , look for the command cert-request-submit with the --usernameeitherpki cert-request-submit --helporpki ca-cert-request-submit --help
seeOn Wed, Oct 28, 2020 at 2:20 AM Wahaj K <mwahaj3120@gmail.com> wrote:Hi Guys,_______________________________________________I am new to Dogtag PKI and have installed it on fedora 33. I am able to send a PKCS#10 certificate, approve and then get the issued certificate. I need to know a way to generate the certificate without manual approval hence when PKCS#10 request is sent ,the certificate is generated right away. I have looked at profiles, CA configuration but couldn't see a way. I am using Dogtag 10.9. Is this possible? Any guidance is appreciated.Regards,Wahaj
Pki-users mailing list
Pki-users@redhat.com
https://www.redhat.com/mailman/listinfo/pki-users