From dmoluguw at redhat.com Tue May 7 23:02:20 2019 From: dmoluguw at redhat.com (Dinesh Prasanth Moluguwan Krishnamoorthy) Date: Tue, 7 May 2019 19:02:20 -0400 Subject: [Pki-users] New Release: PKI 10.7.0 now available Message-ID: Hello everyone! We are happy to announce the next new release of PKI 10.7.0 and its deps. Brief of what's updated: - New JSS release 4.5.3-2 - Rebase tomcatjss to 7.4.0 - Rebase PKI to 10.7.0 PKI 10.7.0 is now available upstream: https://github.com/dogtagpki/pki/releases/tag/v10.7.0 Fedora 30 builds are available via the following update: https://bodhi.fedoraproject.org/updates/FEDORA-2019-1337735a42 Fedora 29 builds are available via the following update: https://bodhi.fedoraproject.org/updates/FEDORA-2019-40e2ad6d2c Fedora Rawhide builds are also available in Koji. We have official COPR builds available at: https://copr.fedorainfracloud.org/coprs/g/pki/master/ Please feel free to try it out. We would love to hear back from you! Happy testing! Regards, --Dinesh -------------- next part -------------- An HTML attachment was scrubbed... URL: From tjaalton at ubuntu.com Thu May 9 06:27:30 2019 From: tjaalton at ubuntu.com (Timo Aaltonen) Date: Thu, 9 May 2019 09:27:30 +0300 Subject: [Pki-users] pkispawn TPS fails Message-ID: Hi, While testing 10.6.10 I noticed that TPS installation fails: ... 2019-05-09 09:09:51 [https-jsse-nio-8443-exec-11] FINE: registerUser: Successfully added user TPS-foo.doomain-8443 to https://foo.domain:8443 using /tks/admin/tks/registerUser 2019-05-09 09:09:51 [https-jsse-nio-8443-exec-11] FINE: TPSInstallerService: importSharedSecret:False 2019-05-09 09:09:51 [https-jsse-nio-8443-exec-11] INFO: TPSInstallerService: Generating shared secret in TKS 2019-05-09 09:09:51 [https-jsse-nio-8443-exec-11] FINE: In ConfigurationUtils.getSharedSecret! importKey: false 2019-05-09 09:09:51 [https-jsse-nio-8443-exec-11] SEVERE: Unable to generate shared secret in TKS: Not Found com.netscape.certsrv.base.PKIException: Not Found I looked at CA/TKS debug logs but couldn't find any fault in them.. any ideas? -- t From sergo.kurbanov at gmail.com Tue May 14 12:03:40 2019 From: sergo.kurbanov at gmail.com (Sergo Kurbanov) Date: Tue, 14 May 2019 15:03:40 +0300 Subject: [Pki-users] Nonce for cert-request does not exist Message-ID: Hi, I trying to send some REST POST requests using Dogtag API: https://www.dogtagpki.org/wiki/CA_REST_API#Revoking_a_certificate or https://www.dogtagpki.org/wiki/CA_REST_API#Submitting_a_certificate_request Before it I got Nonce by asking: https://www.dogtagpki.org/wiki/CA_REST_API#Reviewing_a_certificate for getting Nonce, before calling Revoke or https://www.dogtagpki.org/wiki/CA_REST_API#Reviewing_a_certificate_request for getting Nonce, before calling Submit. But in any cases I getting Nonce for cert-request does not exist. For making connection I'm used certificate with admin rights. And any other request from https://www.dogtagpki.org/wiki/CA_REST_API that required client certificate authentication but not required Nonce - fulfilled successfully. In CA.cfg nonce enabled and moreover: if I check it by web admin console looking through with Developer Tools I see the same data and Nonce. Could anybody clarify that the reason and how to use the Nonce? BR, Sergo -------------- next part -------------- An HTML attachment was scrubbed... URL: