[Pki-users] Dogtag CA and FlatFileAuth
Dinesh Prasanth Moluguwan Krishnamoorthy
dmoluguw at redhat.com
Mon Aug 31 18:11:44 UTC 2020
Hi Dusan,
I am not familiar with SCEP but let me try answering your question.
The wiki page we have is: https://www.dogtagpki.org/wiki/SCEP_Setup
The RHCS doc we have is:
https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/enrolling_a_certificate_in_a_cisco_router
IIUC, if you want to use FQDN you need to add entries to DNS to map FQDN to
IP address.
For other types of authentication, maybe you can read the RHCS doc:
https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/automated_enrollment#Setting_up_Directory_Based_Authentication
HTH!
Regards,
--Dinesh
On Tue, Aug 18, 2020 at 6:56 AM Dusan Kozic <dusan.kozic at gmail.com> wrote:
> Good day!
>
> I am testing Dogtag CA with Cisco IOS client using the One Time Pin
> RouterCertificate Enrollment Certificate Profile. For authentication I am
> using auth.instance_id=flatFileAuth. This works OK in documented scenario
> where entries in flatfile.txt are like this:
>
> UID:<IP_address>
> PWD:<password>
>
> I have a question whether it is possible to change authentication
> parameters in flatfile.txt to authenticate routers using other parameters
> than IP address,e.g. FQDN or some user provided parameters.
>
> If not, Iam interested if this is possible if I change Authentication
> Manager to DirBasedAuthentication.
>
> Please provide me some documentation and examples about FlatFileAuth and
> DirBasedAuthentication.
>
> Thank you!
>
> --
> Kind regards,
>
> Dusan Kozic
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20200831/419429a7/attachment.htm>
More information about the Pki-users
mailing list