Comments (6)
Hi, thanks for the detailed comment. As you may know, I use my spare time to maintain this project (for free). I will come back to you in the next days when I find time.
from xipki.
Karaf 6.5.2 includes the CMP command.
Karaf 6.5.3 does not have the CMP command.
Karaf 6.5.3 does provide the CMP commands. You need to call the ./prepare.sh
before starting xipki-cli
at the first time.
Can you upload the log file data/log/karaf.log
of xipki-cli
.
from xipki.
I can reproduce the problem you described above. The problem is the public key of the new certificate is not contained in the request, and the server have a bug in this case. As a workaround, use the option --embeds-publickey
in the cmp-update-p12
/ cmp-update-p11
command. This problem is fixed by the patch here 0677d83ba88dcc2ea9354059a252d9360b34a038.
from xipki.
And to your figure and description above:
- The
renewal
andupdate
processes in you figure above are correct, however, CMP does not provide explict APIs for both cases. They share the same API. So the best is even you do theupdate
, also includes the public key in the request. - On the right of you figure, the computation of
Hash
is only for Hash-then-Sign signatures, e.g. RSA and ECDSA. But not for EdDSA. And if theE
-Box is for Encryption, it does only to some signature algorithms, e.g. RSA, but not to ECDSA, EDDSA and DSA.
from xipki.
I'd like to review the information you provided right away, but it seems difficult to do so immediately due to other tasks. I will examine it as soon as possible and get back to you with my feedback. Thank you
from xipki.
Thank you for your reply.
I confirmed that the problem was resolved.
from xipki.
Related Issues (20)
- Unable to access Karaf tool HOT 2
- est-gw: audit id ordering issue HOT 2
- ocsp.json, OCSP HOT 2
- CSR - Server Error 500
- Facing errror while initialising ca schema HOT 5
- The assemblies artifacts were not pushed to central for 6.4.0 HOT 3
- could not remove user <>, error: remote management is not permitted to the client without valid certificate HOT 6
- REST gateway CA can't be selected through URL
- Unable to import database to xipki:6.3.0 from 5.3.15 HOT 15
- Error while generating cert.der in xipki: 6.3.0v HOT 4
- Error while changing ca with new masterpassword. v6.3.0 HOT 4
- NullPointerException in cmp gateway using xi:cmp-update-p12 because no profile is set. HOT 4
- v6.4.0: Exception in ca-server SdkResponder while updating an existing certificate HOT 1
- Unable to adduser HOT 11
- do you have an example of ocsp client call server HOT 4
- In xipki-6.5.1, cert does not get generated with SAN configuration HOT 4
- Ibm QradarDLC certificate apply error HOT 5
- Request support to configure CA_URL HOT 2
- Unable to revoke certs in Xipki:6.5.1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from xipki.