Menu
▾
▴
Re: [OpenXPKI-users] Unable to delete certificate
|
From: Oliver W. <ma...@ol...> - 2024-04-03 21:30:54
|
the system is not really designed to work with externally provided certificates, it is a PKI that manages the certificate lifecycle....if you might have a look at the man page of the import_certificate command you might be able to see the comment that a profile needs to be set to let the cert look like its orginates from this realm. You might also be able to find this answer in the MLs archives as it was questioned and answered more then once. On 03.04.24 21:22, James B. Byrne via OpenXPKI-users wrote: > After further exploration I have discovered that the certificate chain for the > imported certificates appears complete and correct. For example: > > openxpkiadm certificate list --realm hll_ca2016 --all -v -v > > Certificates in hll_ca2016: > > Identifier: 76QCIA3aO9WOjkW6g2SAGQXoATI > Subject: > DC=ca,DC=harte-lyne,DC=hamilton,C=CA,ST=Ontario,L=Hamilton,O=Harte & Lyne > Limited,OU=Networked Data Systems,CN=inet11.hamilton.harte-lyne.ca > Issuer DN: > DC=ca,DC=harte-lyne,C=CA,ST=Ontario,L=Hamilton,O=Harte & Lyne > Limited,OU=Networked Data Services,CN=CA_HLL_ISSUER_2016 > Chain: > 76QCIA3aO9WOjkW6g2SAGQXoATI -> Yh03GEV0ZGEqIGMf-fxZ3lErPmk -> > CYQ4rXzn4X14_pPNKi8_Pq-Ywg8(complete) > > Where: > Identifier: CYQ4rXzn4X14_pPNKi8_Pq-Ywg8 > Alias: > root-1 > > and > Identifier: Yh03GEV0ZGEqIGMf-fxZ3lErPmk > Alias: > ca-signer-1 > and > Identifier: 76QCIA3aO9WOjkW6g2SAGQXoATI > Subject: > DC=ca,DC=harte-lyne,DC=hamilton,C=CA,ST=Ontario,L=Hamilton,O=Harte & Lyne > Limited,OU=Networked Data Systems,CN=inet11.hamilton.harte-lyne.ca > > However, this certificate does not show up in the webui list of certificates > available : > > My Certificates > Find a list of your certificates below. > No data available > > How is this accomplished? > > > -- Protect your environment - close windows and adopt a penguin! |
