Menu
▾
▴
Re: [SignServer-develop] No signer certificate available
|
From: Marcus L. <mar...@pr...> - 2013-10-25 05:56:44
|
tor 2013-10-24 klockan 17:31 +0200 skrev Antoine Louiset: > Hi ! > > I've got a problem with PCKS11 configuration. > > When I use "getstatus brief all", the worker is offline, the > cryptotoken is active but I've got an error : "No signer certificate > available". Hi! How did you configure the signer? Did you use one of the sample configurations and modify to use the PKCS11CryptoToken? If you run the command bin/signserver getconfig <id of worker> how does the values for SIGNERCERT and SIGNERCERTCHAIN look like? Also, did you use the uploadsignercertificate and uploadsignercertificatechain CLI commands to upload the signer certificate and certificate chain signed by the CA for the signer key from the HSM? If you look at a document, f.ex. XML if it's an XML signer and extract the certificate from that, does it match the expected? Regards, Marcus Lundblad > > The defaultkey is set and it exists because if I set one which is not > in the HSM, it does not work. > > Something strange : it works when I sign a document (I change the > alias during the request so this is not the defaultkey which is used). > > I do not have an Exception when I sign whereas the signer seems to be > offline. I have only one worker so it could not be another one which > signed. > > Any ideas ? If the worker is offline, could it be a problem for > signserver ? > > Thanks a lot !! Your answer is precious for me. > > -- > Antoine Louiset > > > ------------------------------------------------------------------------------ > October Webinars: Code for Performance > Free Intel webinars can help you accelerate application performance. > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from > the latest Intel processors and coprocessors. See abstracts and register > > http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk > _______________________________________________ > SignServer-develop mailing list > Sig...@li... > https://lists.sourceforge.net/lists/listinfo/signserver-develop |
