[Pki-users] pki cli default CA Admin Unauthorized
Endi Sukma Dewata
edewata at redhat.com
Tue Dec 22 00:41:30 UTC 2015
On 12/21/2015 4:52 PM, Alex Harrison wrote:
> I've set up a new installation of the dogtag CA and I'm trying to
approve requests using the default ca admin created at install using the
commands from the wiki:
> http://pki.fedoraproject.org/wiki/CA_Admin_Setup
>
> When I try to approve, I simply get an "Unauthorized" response. It
seems I receive this any time I perform either an admin or agent
command. Any idea what steps I am missing?
Hi,
The above wiki page is actually used to create a new CA admin user,
which requires an existing CA admin to approve it. When you install CA
subsystem it will have a default CA admin user which you can use
directly. It's not necessary to create another CA admin user unless you
want to give admin access to someone else.
To use the default CA admin user please take a look at this page:
http://pki.fedoraproject.org/wiki/Default_CA_Admin
You can either import the CA admin cert into ~/.dogtag/nssdb first, or
use it directly from ~/.dogtag/pki-tomcat/ca/alias if you created the CA
with pki_client_database_purge=False.
If you're still having issues, could you post the exact commands you're
trying to execute? Thanks.
--
Endi S. Dewata
More information about the Pki-users
mailing list