From: Markus K. <ejb...@pr...> - 2009-10-26 11:31:53
|
Hello Maxime, EJBCA has a concept called approvals that I think is similar but not exactly what you are looking for: http://www.ejbca.org/manual.html#Approving%20Actions You could then configure the certificate profile to require approval when adding an end entity. The request for adding a new end entity will then have to be approved by another administrator and first after that can the certificate be downloaded by the user. However this validation step is before the end entity is created and not after the CSR is submited. What do you want to have validated at the time of CSR submission? The parts that will go into the certificate is taken from the certificate profile and only the public key is read from the CSR so I am not sure if there are anything more to validate. Best Regards, Markus Maxime_V wrote: > Hello, > > I'm currently working on an ejbca demonstration. > > The CSR approbation is a feature I would like to demonstrate, but I do not > know if it's possible to do so with EJBCA (at least I do not know how to do > it). > > I have created and end entity profile and a certificate profile to manage > server certificates. > > I would like that the certificate requesters have their request being > approved by an ejbca administrator before they could download their new > certificate. > > Currently, when I'm testing it, I go to the public pages == > create > certificate from CSR, use my end entity user credentitials, add the csr, and > when I click on the "OK button", I get directly the certificate file ".pem". > > How could I add a validation (approbation) step between the csr submission > and the certificate download ? > > Thanks in advance for your help ! > > Regards, > > Maxime -- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact in...@pr... for more information. http://download.primekey.se/documents/ejbca_subscription.pdf http://download.primekey.se/documents/ejbca_training.pdf |