7:19 a.m.
Hello,
I'm still a beginner and looking into Dogtak PKI recently. I wanted if it
was possible to submit a Certificate Request or a CSR File to the CA by
using a curl POST command with the CA Rest API, is the feature still up and
running ? As it is implied by the documentation ?
Best regards,
Amaury SIHARATH.
6:53 p.m.
On Thu, Mar 05, 2020 at 02:19:51PM +0100, Amaury SIHARATH wrote:
Hello,
I'm still a beginner and looking into Dogtak PKI recently. I wanted if it
was possible to submit a Certificate Request or a CSR File to the CA by
using a curl POST command with the CA Rest API, is the feature still up and
running ? As it is implied by the documentation ?
Yes, you can do that. Let us know if you get stuck and we can help.
Cheers,
Fraser
Best regards,
Amaury SIHARATH.
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
9:08 a.m.
Fraser
We are conscious that we can use ca-cert-request to send a csr towards
the CA.
But we want to avoid this.
Our use case is to have a csr generated with openssl, then be able to
send it to the CA with a simple curl/HTTP POST for further validation
(we have cases where installing the pki-tools rpm is not doable).
If this is possible, what is the target URI that should be used (you can
point me to a some documentation if I missed some) ?
Thanks again
P
Le 06/03/2020 à 01:53, Fraser Tweedale a écrit :
On Thu, Mar 05, 2020 at 02:19:51PM +0100, Amaury SIHARATH wrote:
> Hello,
>
> I'm still a beginner and looking into Dogtak PKI recently. I wanted if it
> was possible to submit a Certificate Request or a CSR File to the CA by
> using a curl POST command with the CA Rest API, is the feature still up and
> running ? As it is implied by the documentation ?
>
Yes, you can do that. Let us know if you get stuck and we can help.
Cheers,
Fraser
> Best regards,
>
> Amaury SIHARATH.
> _______________________________________________
> Pki-users mailing list
> Pki-users(a)redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
6:27 a.m.
On Wed, Apr 08, 2020 at 04:08:09PM +0200, Pascal Jakobi wrote:
Fraser
We are conscious that we can use ca-cert-request to send a csr towards the
CA.
But we want to avoid this.
Our use case is to have a csr generated with openssl, then be able to send
it to the CA with a simple curl/HTTP POST for further validation (we have
cases where installing the pki-tools rpm is not doable).
If this is possible, what is the target URI that should be used (you can
point me to a some documentation if I missed some) ?
Thanks again
P
Sure,
POST to /ca/rest/certrequests
The body shall be an XML document such as:
<?xml version="1.0" encoding="UTF-8"
standalone="yes"?>
<CertEnrollmentRequest>
<ProfileID>{profile}</ProfileID>
<Input id="i1">
<ClassID>certReqInputImpl</ClassID>
<Attribute name="cert_request_type">
<Value>pkcs10</Value>
</Attribute>
<Attribute name="cert_request">
<Value>{req}</Value>
</Attribute>
</Input>
</CertEnrollmentRequest>
Where {profile} is replaced with the profile ID you want to use to
issue the certificate, and {req} is replaced with the PEM-encoded
PKCS #10 CSR.
REST API doc is here: https://www.dogtagpki.org/wiki/CA_REST_API.
In several cases (including for submitting certificate requests)
there are just links to Java source files where payload data are
specified.
Cheers,
Fraser
Le 06/03/2020 à 01:53, Fraser Tweedale a écrit :
> On Thu, Mar 05, 2020 at 02:19:51PM +0100, Amaury SIHARATH wrote:
> > Hello,
> >
> > I'm still a beginner and looking into Dogtak PKI recently. I wanted if it
> > was possible to submit a Certificate Request or a CSR File to the CA by
> > using a curl POST command with the CA Rest API, is the feature still up and
> > running ? As it is implied by the documentation ?
> >
> Yes, you can do that. Let us know if you get stuck and we can help.
>
> Cheers,
> Fraser
>
> > Best regards,
> >
> > Amaury SIHARATH.
> > _______________________________________________
> > Pki-users mailing list
> > Pki-users(a)redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-users
> _______________________________________________
> Pki-users mailing list
> Pki-users(a)redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
2031
days inactive
2066
days old
3 comments
3 participants
participants (3)
-
Amaury SIHARATH -
Fraser Tweedale -
Pascal Jakobi