Closed hainguyen291 closed 5 years ago
Hello Hai,
Can you post the certificates you're using? I.e the CA cert you're using in the central server, the intermediate certificate (if you're using one) and the sign certificate you're trying to import. I think the exception comes from being unable to verify the certificate chain.
Information about your EJBCA end entities would also be helpful, I suppose.
As far as EJBCA is concerned, our capability to support it here is somewhat minimal, but we'll try to help :)
Hi @JyrgenSuvalov
Attached files are my ocsp.pem file, which I used for Certificate Services on central server. I don't use intermediate certificate. The two others are my sign and auth certificates, which I sent to CA server to request. cert.zip
Btw, are there any instruction to install X-Road via source code downloaded from github?
Thanks, Hai
@JyrgenSuvalov Do you need more information about this EJBCA?
Regards, Hai
@hainguyen291 Sorry I haven't replied. I'm afraid I'm currently really not able to provide much help, since I don't have access to an EJBCA myself at the moment.
There's an overview of EJBCA and using it with X-Road here: https://www.auul.pri.ee/wiki/EJBCA_CA_haldamine#X-tee_turvaserveri_sertifikaatide_haldamine (it's in Estonian, but Google translate should help). It's not a quick start guide however.
@JyrgenSuvalov Thanks for your support.
Best, Hai
If the problem still persists, please open a new issue in the X-Road Development repository.
Regards, Petteri
Hi everybody,
I am using my own ejbca certificate to add to Certificate services on Central Server. However, I couldn't use singed certs, which were sent from Security Server to ejbca CA server to be signed, to import to SS. I always get error
audit.log
Are there anything I need to do with my EJBCA CA before use it to sign certs? Regards, Hai