[Pki-users] SCEP enroll with works once
Wojciech Kromer
wojciech.kromer at dgt.com.pl
Tue Oct 11 18:02:19 UTC 2016
>>
>> I'm just trying to make SCEP work on Fedora with dogtag.
>> On client side I'm using sscep as described in doc.
>>
>> It work fine on very first enroll, but after this flatfile.txt
>> changes from something like :
>> UID:1.2.3.4
>> PWD:secret
>>
>> into this:
>> #UID:1.2.3.4
>> #PWD:secret
>>
>>
>> What's wrong?
> This is working "by design", the credentials should not be left over
> for unlimited enrollment use, as this is supposed to be a "one-time
> pin", so they are commentified.
> In fact they should even be completely removed for somehow better
> practice.
Thank you for answer.
Is there another way to use SCEP for automatic certificate "download"
every time router reboots?
I do not want to save certificate in it's flash...
Best regards.
WK
More information about the Pki-users
mailing list