[Pki-users] install dogtag with exist private key
anater dembelov
anater78 at gmail.com
Sun Jun 26 08:47:13 UTC 2016
Good afternoon!
Many thanks! It works!
But I would recommend to add an option when signing OpenSSL -set_serial 1.
Then the imported root certificate will have the correct serial number 1.
Anatoly.
2016-06-16 18:13 GMT+03:00 Endi Sukma Dewata <edewata at redhat.com>:
> On 06/16/2016 09:47 AM, anater dembelov wrote:
>
>> By an example from
>>
>> http://pki.fedoraproject.org/wiki/Installing_CA_with_OpenSSL_CA_Certificate
>> I created keys, request and the certificate.
>> But!
>> [root at f23-zero ~] # pki pkcs12-cert-mod - pkcs12-file ca.p12 "CA
>> Certificate" - pkcs12-password-file password.txt - trust-flags CTu, Cu, Cu
>> NotInitializedException: null
>>
>> Not work!?
>>
>> Help!
>>
>
> Hi, it looks like you need to create an NSS database for the pki tool
> first:
>
> $ pki -c Secret123 client-init
>
> For the --trust-flags option there should not be any space between the
> flags. And make sure the double-dashes are written exactly as in the
> example.
>
> I've updated the wiki page based on your feedback. Thanks!
> Just let me know if there are other problems.
>
> --
> Endi S. Dewata
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20160626/aa519fdd/attachment.htm>
More information about the Pki-users
mailing list