[Pki-users] Java Crypto Libraries and CMC
Elliott William C OSS sIT
WilliamC.Elliott at s-itsolutions.at
Wed May 14 16:48:27 UTC 2014
Solaris. I had assumed, since CMC was a standard, there would be some support for it on several platforms - and especially java.
Bill
-----Original Message-----
From: Ade Lee [mailto:alee at redhat.com]
Sent: Mittwoch, 14. Mai 2014 15:53
To: Elliott William C OSS sIT
Cc: pki-users at redhat.com
Subject: Re: [Pki-users] Java Crypto Libraries and CMC [bayes]
Which operating systems are you considering? The Red Hat tools are all
written in Java - so potentially they might be usable on those other OS.
Ade
On Wed, 2014-05-14 at 08:42 +0000, Elliott William C OSS sIT wrote:
> Hi,
>
> We use the Redhat tools already for batch processing (CMCEnroll,AtoB, etc.). That's fine on RHEL, but we to create requests from applications running on other operating systems (and not MS) and have these processed synchronously. The developers need to use Java. CMC has been around awhile, but support for it doesn't seem to be so widespread. (MS apparently can also) We also use SCEP, but that protocol seems to be a dead-end - even the rfc states that CMC is to be preferred.
>
>
> thanks,
> William Elliott
>
> -----Original Message-----
> From: pki-users-bounces at redhat.com [mailto:pki-users-bounces at redhat.com] On Behalf Of Niranjan M.R
> Sent: Mittwoch, 14. Mai 2014 09:17
> To: pki-users at redhat.com
> Subject: Re: [Pki-users] Java Crypto Libraries and CMC [heur]
>
> On 05/14/2014 12:15 PM, Elliott William C OSS sIT wrote:
> > Hello,
> >
> >
> >
> > Could someone recommend Java libraries for creating CMC Requests? I'm
> > not a programmer, but it doesn't look as if JCE provides the necessary
> > tools. The only one I found that might is Bouncy Castle - it does CMS,
> > but I'm not sure if it's enough to form CMC requests.
>
> I am not aware of libraries, but have you tried CMCRequest which is part
> of pki-tools package.
>
> Documentation:
>
> https://access.redhat.com/site/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Command-Line_Tools_Guide/CMC_Request.html
>
> I have not tried this on Dogtag 10 yet, but last i tried for CS 8.1
> it worked as below
>
> A. Create CRMF Request (using CRMFPopClient)
>
> B. Create a configuration file with parameters as mentioned in the above
> link.
>
> C. Run CMCRequest
> $ CMCRequest <cfg file>
>
> The CMCRequest will be saved in the output file mentioned in cfg file.
> >
> >
> >
> > Can agent authenticated CMC enrollment in Dogtag support more than one
> > certificate profile? Could the CMC servlet be "duplicated" and renamed
> > in the web.xml and connected to a second certificate profile?
> >
> >
> >
> > Thanks in advance for any tips!
> >
> >
> >
> > best regards,
> >
> >
> >
> > William Elliott
> >
> > s IT Solutions
> >
> > Open System Services
> >
> >
> >
> > s IT Solutions AT Spardat GmbH
> >
> >
> >
> > mailto:william.elliott at s-itsolutions.at
> >
> > www.s-itsolutions.com <http://www.s-itsolutions.com/>
> >
> >
> >
> > Head Office: Vienna Commercial Register No.: 152289f Commercial Court of
> > Vienna
> >
> >
> >
> > This message and any attached files are confidential and intended solely
> > for the addressee(s). Any publication, transmission or other use of the
> > information by a person or entity other than the intended addressee is
> > prohibited. If you receive this in error please contact the sender and
> > delete the material. The sender does not accept liability for any errors
> > or omissions as a result of the transmission.
> >
> >
> >
> >
> >
> > _______________________________________________
> > Pki-users mailing list
> > Pki-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-users
> >
>
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
More information about the Pki-users
mailing list