Open vijay11tiwari opened 3 months ago
Which client is this? Does this work with the as-shipped scepclient? Thanks!
No, it is not a micromdm scep client. we have our client and it is running fine with Microsoft and cisco scep sever. we are testing micromdm scep server and it is failing for us.
MIght be worth trying mysqlscepserver over using the default file store. Seems like you might be having issues with the file store.
Not able to sign the client CSR certificate.
server side error.
{"caller":"scep.go:278","level":"debug","msg":"parsed scep pkiMessage","scep_message_type":"PKCSReq (19)","transaction_id":"D6CA8D501DA6EBEB4C694DC6FD7CE1B2","ts":"2024-06-10T19:32:24.8241114Z"} {"caller":"scep.go:355","has_challenge":true,"level":"debug","msg":"decrypt pkiEnvelope","ts":"2024-06-10T19:32:24.8254487Z"} {"caller":"service.go:88","err":"open depot\serial: The file exists.","msg":"failed to sign CSR","ts":"2024-06-10T19:32:24.8453609Z"}
SCEP client side error.
pkistatus: FAILURE finding attribute failInfo [int get_signed_attribute(struct stack_st_X509_ATTRIBUTE *, int, int, char *):1231] ASN1 Type: found 19 given 19 allocating 1 bytes for attribute [int pkcs7_unwrap(scepTransactionT ):1022] reason: Transaction not permitted or supported finding attribute failInfoText ASN.1 type not found rc(1) failInfoText is NULL pkcs7_unwrap fails with error = 1 enroll Sscep library call for enroll setup is failed.