Menu
▾
▴
Re: [Ejbca-develop] EJBCA LDAP publishing userPKCS12
|
From: Tomas G. <to...@pr...> - 2012-09-05 08:51:56
|
Hi Richard, It is correct that any p12 file is not sent to publishers. p12 files are generated in outer, more client phasing layers of the CA. Getting that into publishers will not be easy. Perhaps alternative, add-on, approaches should be looked at for p12 files. I.e. publishing everything except the p12, and making an integration component that adds the p12, wherever/whenever that is generated. For 3, I don't really know. Did you have "clear text password" enabled for user. Otherwise publisher will not have access to the password. Regards, Tomas ----- PrimeKey Solutions offers commercial EJBCA and SignServer support subscriptions and training courses. Please see www.primekey.se or contact in...@pr... for more information. http://www.primekey.se/Services/Support/ http://www.primekey.se/Services/Training/ On 09/04/2012 02:07 AM, Richard Braman wrote: > PS. I did find out that the answer to question 1 and 2 is to modify the > ejbca_4_0_10/src/java/org/ejbca/core/model/ca/publisher/LdapPublisher.java > class to add the functions I want. Is there any guidance the dev team > can give me on what variable the p12 cert is going to be in? I already > reviewed the code in this file and it appears that I need to add my > attributes to the methods. > > On Mon, Sep 3, 2012 at 6:53 PM, Richard Braman <ehr...@gm... > <mailto:ehr...@gm...>> wrote: > > HI, I am a newbie to EJBCA but I have been able to setup a test CA > using latest EJBCA deployed on Ubuntu/Glassfish 2.1/MySQL. Many > thanks for the excellent product and instructions. I was also able > to configure publishing of new user data, plus the users cert > (public) to my OpenSSO based LDAP directory. I do have 3 questions: > > 1. I would like to publish the .p12 file (including the private > key) for the user to the LDAP attribute userPKCS12. Is this > possible without modification to the codebase? > > 2. I have a list of about 10 or so attributes in my LDAP that I > would like to publish out of the CA (I use the iPlanet Object > classes as well as Health Care Provider Directory classes defined by > IHE International. > > 3. I did not see that userPassword was published, even though I > check the box. > > Thanks in advance for the help. > > RIchard Braman > > > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
