On Tue, 2015-12-15 at 12:43 +0100, Cho Chan wrote:
Hello all,
I am trying to build an internal PKI - a two-level CA (Root and
Intermediate) with dogtag 10.1.2 on CentOS 7.1.
When I use pkispawn to create the first CA (Root) the certificates
are created with predefined validity, signature algorithm, CN name,
X509v3 extensions, etc.
I searched for options/parameters which I can use with pkispawn and
deployment config but I managed to find only this:
https://fedorapeople.org/cgit/edewata/public_git/pki-dev.git/tree/scripts/ca.cfg
Are there such options/parameters to customize the validity, CN,
algorithm, etc. during the build process with pkispawn?
Or, if not, what are my options?
Maybe I have to edit some of the cfg in /usr/share/pki/ca/conf?
Much appreciated if someone can give me hints or help!
Thank you in advance!
Cho

Some of the properties you are looking for are specifiable in pkispawn.
See "man pki_default.cfg" and look for the section:
SYSTEM CERTIFICATE PARAMETERS. Also, all the pkispawn parameters are
in /etc/pki/default.cfg

These parameters would include signing algorithm, subject dn, key size
etc.

As for things like validity and extensions, you will need to modify
the profiles used for the system certificates before starting pkispawn.
These files are: /usr/share/pki/ca/conf/*.profile

Ade
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
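
The profile edit described in the reply above, as an added example that is not part of the original thread or Dogtag's own tooling: it reads a system-certificate profile, reports the configured validity, and rewrites it. The sample profile text is constructed, and the `<n>.default.class` / `<n>.default.params.range` key layout and the range being in days are assumptions to check against the real `/usr/share/pki/ca/conf/*.profile` files; the function names are hypothetical.

```python
import re

# Constructed sample in the "<n>.default.<key>=<value>" layout this example
# assumes for /usr/share/pki/ca/conf/*.profile; check it against the real files.
SAMPLE_PROFILE = """\
id=caCert.profile
list=2,4
2.default.class=com.netscape.cms.profile.def.CAValidityDefault
2.default.name=Validity Default
2.default.params.range=7305
2.default.params.startTime=0
4.default.class=com.netscape.cms.profile.def.AuthorityKeyIdentifierExtDefault
4.default.name=Authority Key Identifier Default
"""

def parse(text):
    """Return {key: value} for the key=value lines, skipping comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def validity_entries(text):
    """Map entry number -> validity (assumed days) for each validity-default entry."""
    props, found = parse(text), {}
    for key, value in props.items():
        m = re.fullmatch(r"(\d+)\.default\.class", key)
        if m and value.endswith("ValidityDefault"):
            found[m.group(1)] = int(props[m.group(1) + ".default.params.range"])
    return found

def set_validity(text, days):
    """Return the profile text with every validity range set to `days`."""
    targets = validity_entries(text)
    if days <= 0 or not targets:
        raise ValueError("need a positive day count and a validity entry")
    out = []
    for line in text.splitlines():
        m = re.fullmatch(r"\s*(\d+)\.default\.params\.range\s*=.*", line)
        if m and m.group(1) in targets:
            line = f"{m.group(1)}.default.params.range={days}"
        out.append(line)
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print("before:", validity_entries(SAMPLE_PROFILE))
    print("after: ", validity_entries(set_validity(SAMPLE_PROFILE, 3650)))
```

Run it against a backup copy of each profile before pkispawn, and confirm the result afterwards by inspecting the validity dates of the issued system certificates.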