Closed jrbges closed 3 hours ago
gregtwallace
commented
3 hours ago The key you're using appears to be ECDSA or a 4,096 RSA key. These keys aren't supported on NMC2 and as such there is no file generated for the NMC2.
see: https://github.com/gregtwallace/apc-p15-tool#compatibility-notice
jrbges
commented
3 hours ago What about the NMC3? Can I not use this tool to create files for them?
Get Outlook for iOShttps://aka.ms/o0ukef
JamesBishop| IT Infrastructure Engineer I Direct +1 702 263 2764 7000 Lindell Road NV, 89118 www.ges.com| @.*** CONFIDENTIAL NOTICE: This e-mail transmission (and the attachments, if any, accompanying it) may contain confidential information. The information is intended only for the use of the intended recipient. If you are not the intended recipient, you are hereby notified that any forwarding, disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. Any unauthorized interception of this transmission is illegal under the law. If you have received this transmission in error, please promptly notify the sender by reply e-mail, and then destroy all copies of the transmission. vGESUS001
From: Greg T. Wallace @.> Sent: Tuesday, October 1, 2024 5:49:30 PM To: gregtwallace/apc-p15-tool @.> Cc: James Bishop @.>; Author @.> Subject: Re: [gregtwallace/apc-p15-tool] only creates the key file. (Issue #7)
You don't often get email from @.*** Learn why this is importanthttps://aka.ms/LearnAboutSenderIdentification
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the source of this email and know the content is safe. Use the Outlook Report Message feature to report suspicious emails.
The key you're using appears to be ECDSA or a 4,096 RSA key. These keys aren't supported on NMC2 and as such there is no file generated for the NMC2.
see: https://github.com/gregtwallace/apc-p15-tool#compatibility-notice
— Reply to this email directly, view it on GitHubhttps://github.com/gregtwallace/apc-p15-tool/issues/7#issuecomment-2387368728, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLYN6H5HODWB5LDBAK7KGO3ZZM7JVAVCNFSM6AAAAABPGSD6PKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOBXGM3DQNZSHA. You are receiving this because you authored the thread.Message ID: @.***>
gregtwallace
commented
3 hours ago Modern NMC3 uses the key file that is generated + the cert.pem. If your NMC3 is on an older firmware, you'll need to use an NMC2 compatible key which will cause the file you're looking for to be generated (or update your firmware).
jrbges
commented
3 hours ago Thanks for all your help. I will have to play with it again tomorrow. I have been having a hard time getting our inhouse CA and cert on the web ssl.
Get Outlook for iOShttps://aka.ms/o0ukef
JamesBishop| IT Infrastructure Engineer I Direct +1 702 263 2764 7000 Lindell Road NV, 89118 www.ges.com| @.*** CONFIDENTIAL NOTICE: This e-mail transmission (and the attachments, if any, accompanying it) may contain confidential information. The information is intended only for the use of the intended recipient. If you are not the intended recipient, you are hereby notified that any forwarding, disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. Any unauthorized interception of this transmission is illegal under the law. If you have received this transmission in error, please promptly notify the sender by reply e-mail, and then destroy all copies of the transmission. vGESUS001
From: Greg T. Wallace @.> Sent: Tuesday, October 1, 2024 6:07:42 PM To: gregtwallace/apc-p15-tool @.> Cc: James Bishop @.>; Author @.> Subject: Re: [gregtwallace/apc-p15-tool] only creates the key file. (Issue #7)
You don't often get email from @.*** Learn why this is importanthttps://aka.ms/LearnAboutSenderIdentification
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the source of this email and know the content is safe. Use the Outlook Report Message feature to report suspicious emails.
Modern NMC3 uses the key file that is generated + the cert.pem. If your NMC3 is on an older firmware, you'll need to use an NMC2 compatible key which will cause the file you're looking for to be generated.
— Reply to this email directly, view it on GitHubhttps://github.com/gregtwallace/apc-p15-tool/issues/7#issuecomment-2387443300, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BLYN6H4XCK2NKBWHUF54V7LZZNBN5AVCNFSM6AAAAABPGSD6PKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOBXGQ2DGMZQGA. You are receiving this because you authored the thread.Message ID: @.***>
gregtwallace
commented
3 hours ago If you want the least headache, I'd recommend use of RSA 2,048 bit keys unless you have a specific requirement that doesn't allow that.
running this command -> apc-p15-tool.exe create --keyfile ./usnv02idf01-ups01-cert3-key.pem --certfile ./usnv02idf01-ups01-cert3.pem This is the output apc-p15-tool v1.1.0 create: making apc p15 file(s) content from pem create: successfully parsed pem files create: successfully generated p15 key file content create: key type is not supported by NMC2, skipping p15 key+cert file content create: apc p15 file(s) data succesfully generated create: apc p15 key file apctool.key.p15 written to disk apc-p15-tool done
Only writes the apctool.key.p15 file to disk. I get no apctool.p15 file.
What format does the .pem input files need to be in?