Menu
▾
▴
Re: [OpenXPKI-users] Issue: Your system status is critical!
|
From: Arthur H. <obf...@gm...> - 2018-06-28 14:42:15
|
Oliver, Thank you for your help, however I am still running into issues: 1. While logging in as operator and going to "PKI Operation" and "Publish CA/CRL" I'm encountering: "Unknown error (server workflow error on execute)" 2. I'm also seeing that the "Tokens of type datasafe" are status:OFFLINE. I followed your recommendation and created a new self-signed cert in the SSL/realm directory and imported it (I am using my own test realm, not the sample script), but maybe I missed a step? Thanks again, -Arthur On Thu, Jun 28, 2018 at 7:08 AM Oliver Welter <ma...@ol...> wrote: > Hi Arthur, > > > CRL expired - update required! > Login as Operator, go to "PKI Operations" and "Issue CRL". > I recommend just running a cronjob doing this > /usr/bin/openxpkicmd crl_issuance > > > Encryption token is expired > Generate a new Encryption Certificate/Key Pair - as this is used > internally only, you can use a selfsigned one. > Put the key file to /etc/openxpki/ssl/ca-one/ca-one-vault-2.pem > > Import the generated certificate and mark it as crypto token > openxpkiadm certificate import --file vaultcert.crt --realm ca-one > --token datasafe > > Note: The password for the key must match the value in crypto.yaml - if > you used the sample setup script, the password is "root". > > Oliver > > -- > Protect your environment - close windows and adopt a penguin! > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > OpenXPKI-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openxpki-users > |
