I have uploaded self signed certificate chain for the worker and default key was same for both worker and certificate chain. But unfortunately It showed certificate does not match key. If anyone could help me, It would be great. Thanks in advance.
bin/signserver getstatus complete 51
2019-10-13 14:32:25,533 INFO [naming] WildFly Naming version 1.0.9.Final-redhat-1
2019-10-13 14:32:25,595 INFO [security] ELY00001: WildFly Elytron version 1.6.1.Final-redhat-00001
2019-10-13 14:32:25,684 INFO [threads] JBoss Threads version 2.3.2.Final-redhat-1
Current version of server is : SignServer CE 5.0.0.Final
Status of Signer with ID 51 (shekhor12) is:
Worker status : Offline
Token status : Active
Signings : 0
Hi Shekhor,
Are you sure the certificate is for the key with alias "tigerit" in slot 2?
If you use the SignServer Admin GUI or Admin Web (v5.2+) you can look at the key entry in the CryptoToken tab and see the public key and then compare that with the public key in the certificate you installed.
How did you generate they key and issued the certificate for it?
Cheers,
Markus
PrimeKey Solutions
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have uploaded self signed certificate chain for the worker and default key was same for both worker and certificate chain. But unfortunately It showed certificate does not match key. If anyone could help me, It would be great. Thanks in advance.
bin/signserver getstatus complete 51
2019-10-13 14:32:25,533 INFO [naming] WildFly Naming version 1.0.9.Final-redhat-1
2019-10-13 14:32:25,595 INFO [security] ELY00001: WildFly Elytron version 1.6.1.Final-redhat-00001
2019-10-13 14:32:25,684 INFO [threads] JBoss Threads version 2.3.2.Final-redhat-1
Current version of server is : SignServer CE 5.0.0.Final
Status of Signer with ID 51 (shekhor12) is:
Worker status : Offline
Token status : Active
Signings : 0
Errors:
- Certificate does not match key
Worker properties:
SLOTLABELVALUE=2
Authorized clients (serial number, issuer DN):
Signer certificate:
Subject DN: C=BN,ST=DK,L=DK,O=tigerit,OU=tigerit,CN=tigerit
Serial number: 70c52066
Issuer DN: C=BN,ST=DK,L=DK,O=tigerit,OU=tigerit,CN=tigerit
Valid from: 2019-10-13 12:37:23 BDT
Valid until: 2020-01-11 12:37:23 BDT
Hi Shekhor,
Are you sure the certificate is for the key with alias "tigerit" in slot 2?
If you use the SignServer Admin GUI or Admin Web (v5.2+) you can look at the key entry in the CryptoToken tab and see the public key and then compare that with the public key in the certificate you installed.
How did you generate they key and issued the certificate for it?
Cheers,
Markus
PrimeKey Solutions