[Ejbca-develop] Automating CSR signing

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,

I am evaluating EJBCA to see if it will fit my current needs. This needs
includes the possibility to automate the signing of CSR generated by
users. My "users" will be systems that I will plug to my isolated and
trusted network, they will automatically generate key pairs, the
corresponding CSR, submit it for signing before leaving into the wild
with their certificate.

I had a look at the SOAP API but it seems it is more focused on RA and
CA functionality (e.g. it requires authentication with certificate that
my systems don't have yet).

I had a look at SCEP and CMP protocols but open-source implementations
seems outdated/hard to get working and they seems overkill for what I
want to do.

I though about manually sending HTTP POST requests to the public web
interface but maybe there is a better way ?