Menu
▾
▴
Re: [Ejbca-develop] Getting error using CMP client with EJBCA
|
From: Tomas G. <to...@pr...> - 2014-11-18 08:16:45
|
You should check what errors you have on the server side. See http://ejbca.org/docs/adminguide.html#Troubleshooting Regards, Tomas --- Save time and money with an Enterprise support subscription. Please see www.primekey.se for more information. http://www.primekey.se/Products/EJBCA+PKI/ http://www.primekey.se/Services/Support/ On 2014-11-18 09:10, BARINDER PAL SINGH wrote: > Hello, > > I am using the CMP client patch for OPENSSL and trying to get the > certificate from the EJBCA VM deployed on the server > > I have configured the following things > > > Pre-registered client with password authentication > > * Download the CA certificate to the client(downloaded the existing > ManagementCA certificate and have put this CA certificate in the > location where CMP client code is compiled) > * Add a new end entity in EJBCA(added an end entity with the username > name: vmware and password:vmware) > * Run the command > > ejbca@ejbca:~/cmpforopenssl-code-766/src/openssl-client$ ./cmpclient > --server localhost --port 8080 --path ejbca/public/cmp --srvcert > ManagementCA.cacert.pem --ir --user vmware --password vmware --newclcert > user1.der --newkey user_key.pem --subject "CN=vmware,C=SC" > > But i am getting the following error > > ejbca@ejbca:~/cmpforopenssl-code-766/src/openssl-client$ ./cmpclient > --server localhost --port 8080 --path ejbca/public/cmp --srvcert > ManagementCA.cacert.pem --ir --user vmware --password vmware --newclcert > user1.der --newkey user_key.pem --subject "CN=vmware,C=SC" > INFO: Reading DER Certificate from File ManagementCA.cacert.pem > SUCCESS: BIO_new > INFO: Unable to read certificate in DER format, trying PEM... > INFO: Reading PEM Certificate from File ManagementCA.cacert.pem > SUCCESS: BIO_new > INFO: Using existing key file "user_key.pem" > INFO: Reading Public Key from File user_key.pem > INFO: the passphrase is ""... > SUCCESS: Reading PKEY > INFO: Sending Initialization Request > ERROR: received no initial Client Certificate. FILE cmpclient.c, LINE 394 > 139753323554464:error:3209D07F:CMP > routines:CMP_PKIMESSAGE_http_perform:invalid content type:cmp_http.c:906: > 139753323554464:error:32096083:CMP routines:CMP_doInitialRequestSeq:ip > not received:cmp_ses.c:373: > > > > Also i have configured the following configuration > The above requires a CMP alias in EJBCA with the following > configuration:(cmp alias with the name vmware) > > * Client mode > * HMAC > <http://en.wikipedia.org/wiki/Hash-based_message_authentication_code> authentication > module > * CN as extract username component > > Can you please suggest what might be wrong in the above configuration. > > Thanks in Advance > Barinder > > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
