[Pki-users] Can I change the CN = CA Signing Certificate to something else?

Ben Peck tangoxix at gmail.com
Fri May 15 15:04:21 UTC 2015 

Thanks very much Fraser, I missed that. That's what I was looking for.

Ben Peck

On Fri, May 15, 2015 at 1:05 AM, Fraser Tweedale <ftweedal at redhat.com>
wrote:

> On Fri, May 15, 2015 at 12:29:19AM -0500, Ben Peck wrote:
> > I'm running Fedora 21 with Dogtag 10.2.1-3. My CA's Certificate was given
> > "CA Signing Certificate" as its CN, and I'm wondering how it got that way
> > and it might be customized on install.
> >
> > Running pkispawn interactively definitely didn't give me an opportunity
> to
> > supply a name, and looking over the config file I could customize also
> > doesn't seem to provide an opportunity to customize this:
> >
> > Dogtag 9 gave the opportunity to customize this as part of the initial
> > setup - where is this done in version 10?
> >
> > thanks,
> > Ben
> >
> Hi Ben,
>
> pkispawn(8) does not ask what yo uwant the CN to be, but you can
> tell it via a configuration file.
>
> Minimal pkispawn(8) configuration file:
>
>   [DEFAULT]
>   pki_admin_password=4me2Test
>   pki_client_database_password=4me2Test
>   pki_client_pkcs12_password=4me2Test
>   pki_ds_password=4me2Test
>
>   [CA]
>   pki_profiles_in_ldap=True
>   pki_ca_signing_subject_dn=cn=YOUR CN HERE
>
> Spawn an instance:
>
>   $ pkispawn -s CA -f your-config.conf
>
> Hope that helps!
> Fraser
>
>
> >
> > pki_admin_email=caadmin at example.com
> > pki_admin_name=caadmin
> > pki_admin_nickname=caadmin
> > pki_admin_password=Secret123
> > pki_admin_uid=caadmin
> > pki_backup_keys=True
> > pki_backup_password=Secret123
> > pki_client_database_password=Secret123
> > pki_client_database_purge=False
> > pki_client_pkcs12_password=Secret123
> > pki_ds_base_dn=dc=ca,dc=example,dc=com
> > pki_ds_database=ca
> > pki_ds_password=Secret123
> > pki_security_domain_name=EXAMPLE
> > pki_token_password=Secret123
>
> > _______________________________________________
> > Pki-users mailing list
> > Pki-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20150515/da8eb3e0/attachment.htm>

More information about the Pki-users mailing list