<div dir="ltr"><div>Hi Dusan,</div><div><br></div><div>I am not familiar with SCEP but let me try answering your question.</div><div><br></div><div>The wiki page we have is: <a href="https://www.dogtagpki.org/wiki/SCEP_Setup">https://www.dogtagpki.org/wiki/SCEP_Setup</a></div><div>The RHCS doc we have is: <a href="https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/enrolling_a_certificate_in_a_cisco_router">https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/enrolling_a_certificate_in_a_cisco_router</a></div><div><br></div><div>IIUC, if you want to use FQDN you need to add entries to DNS to map FQDN to IP address.</div><div><br></div><div>For other types of authentication, maybe you can read the RHCS doc:</div><div><a href="https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/automated_enrollment#Setting_up_Directory_Based_Authentication">https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/automated_enrollment#Setting_up_Directory_Based_Authentication</a></div><div><br></div><div>HTH!</div><div><br></div><div>Regards,</div><div>--Dinesh<br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Aug 18, 2020 at 6:56 AM Dusan Kozic <<a href="mailto:dusan.kozic@gmail.com">dusan.kozic@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Good day!</div><div><br></div><div>I am testing Dogtag CA with Cisco IOS client using the One Time Pin RouterCertificate Enrollment Certificate Profile. For authentication I am using auth.instance_id=flatFileAuth. This works OK in documented scenario where entries in flatfile.txt are like this: <br></div><div><br></div><div>UID:<IP_address></div><div>PWD:<password></div><div><br></div><div>I have a question whether it is possible to change authentication parameters in flatfile.txt to authenticate routers using other parameters than IP address,e.g. FQDN or some user provided parameters.</div><div><br></div><div>If not, Iam interested if this is possible if I change Authentication Manager to DirBasedAuthentication.</div><div><br></div><div>Please provide me some documentation and examples about FlatFileAuth and DirBasedAuthentication.</div><div><br></div><div>Thank you!</div><br>-- <br><div dir="ltr">Kind regards,<br><br>Dusan Kozic</div><div dir="ltr"><br></div></div>
_______________________________________________<br>
Pki-users mailing list<br>
<a href="mailto:Pki-users@redhat.com" target="_blank">Pki-users@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/pki-users" rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/pki-users</a></blockquote></div>