Activity for PKI_123
-
PKI_123 posted a comment on discussion Help
I'm not sure if this can help you solve your problem : AD Publisher
-
You might have to re-configure TLS once the Management CA is online again.
-
Humn, The default ManagementCA crypto token come with this key: encryptKey. you can try to generate it on the crypto token: Enter the keypair name encryptKey, select the algorithm and size then click Generate New Keypair. Then try to renew the CA again.
-
Humn, The default ManagementCA crypto token come with this key: encryptKey. you can try to generate it on the crypto token: Enter the keypair name encryptKey, select the algorithm and size then click Generate New Keypair. Then try to renew the CA again.
-
I think you should activate the CA: CA Functions > CA Activation > Activate CA (Crypto token and CA Service Action) Then try to renew again.
-
Before changing the crypto token, did you confirm that CryptoToken -367522817 does not exists ? To create crypto token: 1. Under CA Functions click Crypto Tokens. 2. Click Create new ... 3. Enter name (for example CT_MGMT), password, type ... etc then click on Save. 4. Enter the keypair name signKey, select the algorithm and size then click Generate New Keypair. 5. Enter the keypair name defaultKey, select the algorithm and size then click Generate New Keypair. 6. Enter the keypair name testKey,...
-
Before changing the crypto token, did you confirm that CryptoToken -367522817 does not exists ? To create crypto token: Under CA Functions click Crypto Tokens. Click Create new ... Enter name (for example CT_MGMT), password, type ... etc then click on Save. Enter the keypair name signKey, select the algorithm and size then click Generate New Keypair. Enter the keypair name defaultKey, select the algorithm and size then click Generate New Keypair. Enter the keypair name testKey, select the algorithm...
-
Well it seems that you've deleted the crypto token. I would suggest that you create a new crypto token (with signKey, testKey and defaultKey) With the command line link the new crypto token to the CA: bin/ejbca.sh ca changecatoken --caname <CA_NAME> --cryptotoken <NEW_CRYPTO_TOKEN> --execute Renew the CA and revoke the old CA certificate.
-
It looks like you've changed the CA private key. Try to renew your CA.
-
Home
-
Hello, I hope you are doing well. Is it possible to configure approval profiles for CA revocation/CA Generation (I've tried to configure it, but it only works for end entities) ? Thanks.
-
Hello, I hope you are doing well. Is it possible to configure approval profiles for CA revocation (I've tried to configure it, but it only works for end entities) ? Thanks.
-
Hello, I setted up EJBCA with SoftHSM 2, then I initiliazed a slot on the SoftHSM softhsm2-util --init-token --free --label myslot. After that I generated a key pair on the newly initiliazed slot as follow : pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --slot 0x6ed3c395 --label myslot -k --key-type rsa:4096 -l Next, I restarted EJBCA and logged in to the admin web interface once it has started. Then I created a new crypto token (PKCS11), selected the slot myslot and attribute file as default....
-
Hello, I setted up EJBCA with SoftHSM 2, then I initiliazed a slot on the SoftHSM softhsm2-util --init-token --free --label myslot. After that I generated a key pair on the newly initiliazed slot as follow : pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --slot 0x6ed3c395 --label myslot -k --key-type rsa:4096 -l Next, I restarted EJBCA and logged in to the admin gui once it has started. Then I created a new crypto token (PKCS11), selected the slot myslot and attribute file as default. Once...
-
Thank you, for your response. There are EJB APIs internally, which you could use by writing your own cli plugins. Where I can find information about this EJB API ?
-
Hello, Is there a way to programmatically add a new End Entity Profile ? ejbca.sh and WS seems to not have this functionality (maybe I'm wrong). Also is there a way to add certificate profiles to the EMPTY end entity profile ? EDIT: I'm using EJBCA CE latest version
-
Hello, Is there a way to programmatically add a new End Entity Profile ? ejbca.sh and WS seems to not have this functionality (maybe I'm wrong). Also is there a way to add certificate profiles to the EMPTY end entity profile ?
-
Hello, I have some questions about SignServer CE. Can someone please inform me about the supported signature formats for CAdES , XAdES, PAdES (-X -A ...) ? Can I Sign an already signed document ? Is PGP Signing and Client Authorization documented and supported in 5.0.0 CE Final ? Thank you
-
Hello, I have some questions about SignServer CE. Can someone please inform me about the supported signature formats for CAdES , XAdES, PAdES (-X -A ...) ? Can I Sign an already signed document ? Is PGP Signing and Client Authorization documented and supported in 5.0.0 Final ? Thank you
-
That's exactly what i did to solve it. Thank you. For EJBCA Entreprise i'm just learning for now :(
-
Humn ok i tried that and it works but only when working with ManagementCA, i want to change that to a new CA but i don't know how ( tried to do the same steps with other CA but didn't work won't get prompted by the browser to use certs issued by other CA, it prompts for only certs issued by ManagementCA ).
-
I'm sorry to bother you again, but i can't find help anywhere else. So i usually use my superadmin.p12 to navigate in EJBCA, i managed to have consistent access to RA gui by doing the following : - Go to /ejbca/adminweb/ - Go to Administrator Roles - Add a user - Click on Access Rules - Click on Advanced mode - Allow on / - Save and then go back to Administrator Roles - Then click on Members - Select PublicAccessAuthenticationToken:Any transport (HTTP or HTTPS) Now i want to create a certificate...
-
I'm sorry to bother you again, but i can't find help anywhere else. So i usually use my superadmin.p12 to navigate in EJBCA, i managed to have consistent access to RA gui by doing the following : Go to /ejbca/adminweb/ Go to Administrator Roles Add a user Click on Access Rules Click on Advanced mode Allow on / Save and then go back to Administrator Roles Then click on Members * Select PublicAccessAuthenticationToken:Any transport (HTTP or HTTPS) Now i want to create a certificate for RA gui access...
-
I'm sorry to bother you again, but i can't find help anywhere else. So i usually use my superadmin.p12 to navigate in EJBCA, i managed to have consistent access to RA gui by doing the following : Go to /ejbca/adminweb/ Go to Administrator Roles Add a user Click on Access Rules Click on Advanced mode Allow on / Save and then go back to Administrator Roles Then click on Members * Select PublicAccessAuthenticationToken:Any transport (HTTP or HTTPS) Now i want to create a certificate for RA gui access...
-
I'm sorry to bother you again, but i can't find help anywhere else. So i usually use my superadmin.p12 to navigate in EJBCA, i managed to have consistent access to RA gui by doing the following : Go to /ejbca/adminweb/ Go to Administrator Roles Add a user Click on Access Rules Click on Advanced mode Allow on / Save and then go back to Administrator Roles Then click on Members * Select PublicAccessAuthenticationToken:Any transport (HTTP or HTTPS) Now i want to create a certificate for RA gui access...
-
-
Can you remove this thread please, it was my smtp server all along ?
-
Can you remove this thread please, it was my smtp server all along ?
-
Can you remove this thread please, it was my smtp server all along ?
-
Hello, I'm trying to configure the email notification for ejbca. I've already installed ejbca and configured wildfly, but now i want to add email notification functionnality. At first i tried this (https://www.ejbca.org/docs/E-mail_Notifications.html) : Add support for sending email https://www.ejbca.org/docs/WildFly_14___JBoss_EAP_7.2.html Modifiy mail mail.properties with my config as follow # ------------ Mail configuration --------------------- mail.user=myid #my actual username mail.password=mypass...
-
Hello, I'm trying to configure the email notification for ejbca. I've already installed ejbca and configured wildfly, but now i want to add email notification functionnality. At first i tried this (https://www.ejbca.org/docs/E-mail_Notifications.html) : Add support for sending email https://www.ejbca.org/docs/WildFly_14___JBoss_EAP_7.2.html Modifiy mail mail.properties with my config as follow # ------------ Mail configuration --------------------- mail.user=myid #my actual username mail.password=mypass...
-
Hello, I'm trying to configure the email notification for ejbca. I've already installed ejbca and configured wildfly, but now i want to add email notification functionnality. At first i tried this (https://www.ejbca.org/docs/E-mail_Notifications.html) : Add support for sending email https://www.ejbca.org/docs/WildFly_14___JBoss_EAP_7.2.html Modifiy mail mail.properties with my config as follow # ------------ Mail configuration --------------------- mail.user=myid #my actual username mail.password=mypass...
-
Hello, I installed EJBCA with quick install script, i want to have acces to the RA GUI at /ejbca/ra. I don't know if the interface bug or not but sometimes i get the interface https://imgur.com/a/4H0g4Wz and most of the time is just like this https://imgur.com/wg3jNTb is this some kind of a bug or i'm missing something in the config files ? Thank you in advance
-
Hello, I installed EJBCA with quick install script, i want to have acces to the RA GUI at /ejbca/ra. I don't know if the interface bug or not but sometimes i get the interface and most of the time is just like this is this some kind of a bug or i'm missing something in the config files ? Thank you in advance
-
Hello, I installed EJBCA with quick install script, i want to have acces to the RA GUI at /ejbca/ra. I don't know if the interface bug or not but sometimes i get the interface and most of the time is just like this is this some kind of a bug or i'm missing something in the config files ? Thank you in advance
-
Okey thank you. I'll investigate ejbca.sh to find out if there's a way to generate a superadmin.p12 without having access to the admin panel.
-
I'm sorry to bother you again, that actually works and start wildfly without any problems, but i cannot have access to https://ejbca_IP;8443/ejbca/adminweb Cause: Authentification failed for Certificate: CN=SuperAdmin. Is there anyway to gain back access to the admin panel ? Thank you in advance.
-
I'm sorry to bother you again, that actually works and start wildfly without any problems, but i cannot have access to https://ejbca_IP;8443/ejbca/adminweb Cause: Authentification failed for Certificate: CN=SuperAdmin. Is there anyway to gain back access to the admin panel ? Thank you in advance.
-
I'm sorry to bother you again, that actually works and start wildfly without any problems, but i cannot access https://ejbca_IP;8443/ejbca/adminweb Cause: Authentification failed for Certificate: CN=SuperAdmin. Is there anyway to gain back access to the admin panel ? Thank you in advance.
-
Thank you for the response. It doesn't need ant deployear or some sort of reconfiguring ejbca with the new database ?. Best regards
-
Hello, I've installed ejbca with the quick start script, now i want to change the database username/password, the database name and the database URL. How can i do that ?
-
Hello, I've installed ejbca with the quick start script, now i want to change the database username/password, the database name and the database URL. How can i do that ?
1