Initial authentication method : EndEntityCertificate #753
Replies: 3 comments 1 reply
-
|
You have to work from the documentation, https://docs.keyfactor.com/ejbca/latest/cmp#id-(9.1.1)CMP-ClientModeforCMPClient_mode_for_CMP You should try and see what error messages you get, messages returned in the server.log are usually very helpful to say what is needed and what is missing. |
Beta Was this translation helpful? Give feedback.
-
|
Hello sir, As in CMP-Alias: 
Under Default CA section we are only able to select one CA. As per my understanding The CA which I selected here is only used to sign certificate response. So Do I need to create two different CMP-Alias for client and server certificate separately? |
Beta Was this translation helpful? Give feedback.
-
|
Default CA is only used for the Confirm message as the help text says. I recommend to not use Confirm at all but to use implicitConfirm instead. https://datatracker.ietf.org/doc/html/rfc4210#section-5.1.1.1 |
Beta Was this translation helpful? Give feedback.
-
|
Hello sir please guide me |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello sir
I am using CMP configuration:
In the Initial certificate creation request I passed one End Entity certificate which is:
Do I need to pass same private key of End Entity certificate which I passed in extracerts field in certificate creation request?
I make one more EndEntity:
Is it possible that CA of End Entity certificate which I passed in extracerts field is different and CA for the certificate creation request will be different.
3.I have one End Entity certificate which I passed in extracerts field in certificate creation request. Then how I generate server and client certificated with two different CA?
Sir please guide me
Beta Was this translation helpful? Give feedback.
All reactions