Hi,
I am not sure if I completely understand your question. If you are asking
how one could create a profile that takes the CRL distribution point url
from the cert request submitted via SCEP, then you might want to try the
UserSuppliedExtension:
https://access.redhat.com/documentation/en-us/red_hat_certificate_system/...
where if you were to follow the example, you'd want to use the OID for CRL
distribution point instead, which is 2.5.29.31
Hope this helps,
Christina
On Wed, Oct 31, 2018 at 6:39 AM Akshath Hegde <arhsagar(a)gmail.com> wrote:
Hi. I have installed the dogtag pki on centos 7. My client is a
router
which uses scep for enrollment. I'm able to authenticate and enroll. But
I'm having trouble in setting up the CRL distribution point. The client
seems to be sending the scep request with a specific URL everytime. So I
need to modify the location where the CRL is placed and the URL to which
the scep server responds and publish this with the certificate. Right now I
can see this is the request -
ca/ee/ca/getCRL?operation=getCRL&crlIssuingPoint=MasterCRL. I modified the
caRouterCert.cfg profile to change the URL that gets published. But Im not
able to figure out how to change the location and map the URI to that. Any
help would be appreciated
Thanks
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users