[36149] in Kerberos
krb5-1.12.1, pkinit, and openssl ca
daemon@ATHENA.MIT.EDU (squidmobile@fastmail.fm)
Wed May 28 19:37:30 2014
Message-Id: <1401317191.2531.122663441.6CF8E13A@webmail.messagingengine.com>
From: "squidmobile@fastmail.fm" <squidmobile@fastmail.fm>
To: kerberos@mit.edu
MIME-Version: 1.0
Date: Wed, 28 May 2014 18:46:31 -0400
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
28 may 2014
greetings,
i tried to set up openssl ssl/tls certificates for krb5-1.12.1. i
used the extensions cited in the docs. i cut-and-pasted, so my
typing should not be an issue, and then double-checked the
extensions files. the openssl ca command looked like it ran ok,
but the output certificates lacked the proper data in the
extensions area of the output certificates.
this covers almost all if could find about the mapping file:
pkinit_mapping_file
Specifies the name of the ACL pkinit mapping file. This file
maps principals to the certificates that they can use.
i could not find any substantial docs on how to set up this
feature and how to use it.
any comments? any more docs somewhere?
would someone like a script log of the openssl ca process?
thank you for your time and assistance
frank smith
--
http://www.fastmail.fm - A no graphics, no pop-ups email service
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
