search

maritimeconnectivity / IdentityRegistry

MCP (Maritime Connectivity Platform) Identity Registry API
http://maritimeconnectivity.net/#core_components
Apache License 2.0
16 stars 8 forks source link

CSR issues when using X509 API #43

Open IcarusCoding opened 5 months ago

IcarusCoding commented 5 months ago

When I try to issue a certificate for a user with the OIDC API, I can create a certificate with no issues: curl -X POST "https://api.maritimeconnectivity.net/oidc/api/org/{orgMrn}/user/{userMrn}/certificate/issue-new/csr" -H "Content-Type: text/plain" -H "Authorization: Bearer {token}" --data-binary @request.csr When I try the same using the X509 API, I always get an HTTP 403: Forbidden error: curl -X POST "https://api-x509.maritimeconnectivity.net/x509/api/org/{orgMrn}/user/{userMrn}/certificate/issue-new/csr" -H "Content-Type: text/plain" --data-binary @request.csr --cert cert.pem --key key.pem

I tried certificate based client authentication using curl, postman and a custom solution using Java. Every approach results in the same error. The used OIDC token and the used certificate belong to the MCPADMIN user.

oliverhaagh commented 5 months ago

Hi @IcarusCoding. I have unfortunately not been able to recreate this issue. Would it possible for you to send me the URL of the request together with the certificate you are using either as a comment here, or in an email to me on oliver@dmc.international?