Marco Fargetta
Marco Fargetta
The `enc` command does not support `salt` longer of 8 bytes. If you tried the remaining part of the salt is truncated. ``` ]$ openssl aes-256-cbc -pass pass:test -md sha256...
Following the SCEP specs (https://www.rfc-editor.org/rfc/rfc8894.txt) the AES support has been introduced for encrypting certificate massage. Fix #3324
Trying to get a certificate request from a certificate does not work. The error is: ``` [root@pki /]# pki-server ca-cert-request-find --cert-file ca3_s.pem Traceback (most recent call last): File "/usr/lib/python3.11/site-packages/pki/server/pkiserver.py", line...
The template for the CA's EE page to submit certificate request (`base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template`) makes use of the `KEYGEN` html tag if the profile has an input of type `keyGenInputImpl`. Support for...
Many applications can use custom ssl socket factory for the communication so it is possible to create the socket with **JSS** and make the communication secure. However, many applications instantiate...
From the [cms documentation](https://www.rfc-editor.org/rfc/rfc5652#section-5.2.1) there is a difference between CMS and PKCS7: > PKCS #7 defines content as: > > content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL > >...
PKI has a plan to re-implement REST APIs using different libraries and supporting only JSON format. The new APIs have a different path, `/v2`, and when ready the current implementation...
OCSP CI tests are all working with one exception. Here an example: https://github.com/dogtagpki/pki/actions/runs/8925832601 The main difference generating the error is in the DS container deployment. The non working test try...
Currently the installation of the LDAP will generate a self-signed certificate for the security of the messages and the channel. Should be possible to provide/update the certificate with a certificate...
Currently the installation of the Shibboleth SP will generate a self-signed certificate for the security of the messages and the channel. Should be possible to provide/update the certificate with a...