EJBCA CMPV2 Configuration #913
prasunmathur85
started this conversation in
General
Replies: 1 comment
-
|
I would suggest to run the examples here: https://docs.keyfactor.com/ejbca/latest/cmp-operations-guide In RA mode with the secret you have specified, it's not related to any end entity. You have specified the RAs authentication code with the "secret" in the CMP alias. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello
I'm trying to create the CMPV2 Server in RA mode or Client mode for the certificate generation, with password based authentication for POC purpose. Getting below error while requesting the certificate from the Client.
2025-07-01 13:36:39,620+0000 INFO [org.ejbca.ui.web.protocol.CmpServlet] (default task-1) CMP message received from: 10.211.5.17, for CMP alias: cmpalias
2025-07-01 13:36:39,625+0000 INFO [org.ejbca.core.protocol.cmp.CmpMessageDispatcherSessionBean] (default task-1) Dispatching message of type 0 with transaction ID: #fe60c71e407fb136e3cb3fe337d42d2a
2025-07-01 13:36:39,632+0000 INFO [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-1) 2025-07-01 13:36:39+00:00;ACCESS_CONTROL;SUCCESS;ACCESSCONTROL;CORE;10.211.5.17;;;;resource0=/ca/-1163443220
2025-07-01 13:36:39,638+0000 INFO [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-1) 2025-07-01 13:36:39+00:00;ACCESS_CONTROL;SUCCESS;ACCESSCONTROL;CORE;10.211.5.17;;;;resource0=/ca/-1163443220
2025-07-01 13:36:39,658+0000 INFO [org.ejbca.core.protocol.cmp.authentication.HMACAuthenticationModule] (default task-1) Authentication failed for message. test-entity.
2025-07-01 13:36:39,659+0000 INFO [org.ejbca.core.protocol.cmp.CrmfMessageHandler] (default task-1) Authentication failed for message. test-entity.
2025-07-01 13:36:39,659+0000 INFO [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-1) 2025-07-01 13:36:39+00:00;ACCESS_CONTROL;SUCCESS;ACCESSCONTROL;CORE;cmpProtocolSignErrorResponse;;;;resource0=/ca/-1163443220
2025-07-01 13:36:39,693+0000 INFO [org.ejbca.ui.web.protocol.CmpServlet] (default task-1) Sent a CMP response to: 10.211.5.17, process time 73.
sh-5.1$ ./ejbca.sh ra findendentity test-entity
2025-07-01 14:07:17,686+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Found end entity:
2025-07-01 14:07:17,696+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Username: test-entity
2025-07-01 14:07:17,696+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Password: password
2025-07-01 14:07:17,696+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) DN: "CN=test-entity,O=Example,C=IN"
2025-07-01 14:07:17,696+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Alt Name: ""
2025-07-01 14:07:17,697+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Directory Attributes: ""
2025-07-01 14:07:17,697+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) E-Mail:
2025-07-01 14:07:17,697+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Status: 10
2025-07-01 14:07:17,697+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Type: 1
2025-07-01 14:07:17,697+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Token Type: 1
2025-07-01 14:07:17,697+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) End Entity Profile ID: 1
2025-07-01 14:07:17,697+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Certificate Profile ID: 1
2025-07-01 14:07:17,698+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Created: Tue Jul 01 06:49:39 UTC 2025
2025-07-01 14:07:17,699+0000 INFO [org.ejbca.ui.cli.ra.FindEndEntityCommand] (main) Modified: Tue Jul 01 09:29:38 UTC 2025
sh-5.1$
Would love to hear from the genius people
Beta Was this translation helpful? Give feedback.
All reactions