Maxwell Chandler

My VA server has the CertificateData table constantly synced with my CA. I have imported all the active CA certs on my CA into my VA as external CAs. Yet in the server.log i constantly see: No CertificateData found with fingerprint 049a1b0baf74aea8a811f24c8d72dba59a4e029b for 'CN=SUBCAOCSP' issued by 'CN=SUBCA'. Yet if i Query the ejbca.CertificateData table on my VA: MariaDB [ejbca]> select fingerprint from CertificateData; +------------------------------------------+ | fingerprint | +------------------------------------------+...

My VA server has the CertificateData table constantly synced with my CA. I have imported all the active CA certs on my CA into my VA as external CAs. Yet in the server.log i constantly see: No CertificateData found with fingerprint 049a1b0baf74aea8a811f24c8d72dba59a4e029b for 'CN=SUBCAOCSP' issued by 'CN=SUBCA'. Yet if i Query the ejbca.CertificateData table: MariaDB [ejbca]> select fingerprint from CertificateData; +------------------------------------------+ | fingerprint | +------------------------------------------+...

Hi, I have 2 instances. A CA and a VA. Within the CA server i have created a ssh key for the wildfly user. I can use this key to scp files to a directory on my VA without it asking for a password, everything is working fine. However, within the admin GUI in ejbca in the Publisher section, this fails. It can find the key, and the permissions for the key are fine. However it tells me that the CRL/Certificate location is inaccessable. I know this location exists on my VA and is accessable, because I...

Hi, sorry for posting here so often but I have a few questions with the tls="later" mode with ejbca docker setup. Question 1: How can I use "later" mode but replace the self-signed auto tls cert it makes with one that has been made by a management ca I have on another server? I dont like that this cert says "keyfactor docker quickstart" under organization, but i dont know how to get around this. Question 2: It seems the env variables PASSWORD_ENCRYPTION_KEY, CA_KEYSTOREPASS are not being utilized...

Hi, sorry for posting here so often but I have a few questions with the tls="later" mode with ejbca docker setup. Question 1: How can I use "later" mode but replace the self-signed auto tls cert it makes with one that has been made by a management ca I have on another server? I dont like that this cert says "keyfactor docker quickstart" under organization, but i dont know how to get around this. Question 2: It seems the env variables PASSWORD_ENCRYPTION_KEY, CA_KEYSTOREPASS are not being utilized...

Hi, sorry for posting here so often but I have a few questions with the tls="later" mode with ejbca docker setup. Question 1: How can I use "later" mode but replace the self-signed auto tls cert it makes with one that has been made by a management ca I have on another server? I dont like that this cert says "keyfactor docker quickstart" under organization, but i dont know how to get around this. Question 2: It seems the env variables PASSWORD_ENCRYPTION_KEY, CA_KEYSTOREPASS are not being utilized....

Hi, sorry for posting here so often but I have a few questions with the tls="later" mode with ejbca docker setup. Question 1: How can I use "later" mode but replace the self-signed auto tls cert it makes with one that has been made by a management ca I have on another server? I dont like that this cert says "keyfactor docker quickstart" under organization either. Question 2: It seems the env variables PASSWORD_ENCRYPTION_KEY, CA_KEYSTOREPASS are not being utilized. Only when I used the default "ejbca"...

Hi, sorry for posting here so often but I have a few questions with the tls="later" mode with ejbca docker setup. Question 1: How can I use "later" mode but replace the self-signed auto tls cert it makes with one that has been made by a management ca I have on another server? Question 2: It seems the env variables PASSWORD_ENCRYPTION_KEY, CA_KEYSTOREPASS are not being utilized. Only when I used the default "ejbca" password was I able to activate the intial crypto token during setup. I also mounted...