|
»
Multiple Certificates Per End Entity
|
View:
New views
10 Messages
—
Rating Filter:
Alert me
|
 |
Multiple Certificates Per End Entity
by Joenateen
::
Rate this Message:
Some parts of this message have been removed.
Learn more about Nabble's security policy.
Thanks Joenateen Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. Sign up now. ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
|
Re: Multiple Certificates Per End Entity
by Tomas Gustavsson
::
Rate this Message:
Yes it is exactly this that is the purpose of the "user" concept, so you can have multiple certificates easily viewable for each user. Just issue a new certificate for the same username and it will have multiple certificates. "Edit End Entity", you can select new certificate profiles to have different types of certificates. Cheers, Tomas ----- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact info@... for more information. http://www.primekey.se/Services/Support/ http://www.primekey.se/Services/Training/ Mark Seaborn wrote: > Is it possible to create more than one certificate for any given end entity? I want to be able to create certificates for an end user for different applications and not use the same cert for every user application. I have been and am still digging in the users pages but have not found the answer > > > > Thanks > > Joenateen > > _________________________________________________________________ > Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. > http://clk.atdmt.com/GBL/go/196390709/direct/01/ > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > > > ------------------------------------------------------------------------ > > _______________________________________________ > Ejbca-develop mailing list > Ejbca-develop@... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
|
Re: Multiple Certificates Per End Entity
by ejbca-support
::
Rate this Message:
Hi,
Alternatively, in the end entity profile you can set the 'number of allowed requests' policy. Then you will be allowed to set allowed number of requests when you create the user. There is a maximum number of five requests though. Kind regards, Tham Tomas Gustavsson wrote: > Yes it is exactly this that is the purpose of the "user" concept, so you > can have multiple certificates easily viewable for each user. > > Just issue a new certificate for the same username and it will have > multiple certificates. "Edit End Entity", you can select new certificate > profiles to have different types of certificates. > > Cheers, > Tomas > ----- > PrimeKey Solutions offers a commercial EJBCA support subscription and > training for EJBCA. Please see www.primekey.se or contact > info@... for more information. > http://www.primekey.se/Services/Support/ > http://www.primekey.se/Services/Training/ > > Mark Seaborn wrote: > >> Is it possible to create more than one certificate for any given end entity? I want to be able to create certificates for an end user for different applications and not use the same cert for every user application. I have been and am still digging in the users pages but have not found the answer >> >> >> >> Thanks >> >> Joenateen >> >> _________________________________________________________________ >> Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. >> http://clk.atdmt.com/GBL/go/196390709/direct/01/ >> >> >> ------------------------------------------------------------------------ >> >> ------------------------------------------------------------------------------ >> This SF.Net email is sponsored by the Verizon Developer Community >> Take advantage of Verizon's best-in-class app development support >> A streamlined, 14 day to market process makes app distribution fast and easy >> Join now and get one step closer to millions of Verizon customers >> http://p.sf.net/sfu/verizon-dev2dev >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > > > ------------------------------------------------------------------------------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________ > Ejbca-develop mailing list > Ejbca-develop@... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
|
Re: Multiple Certificates Per End Entity
by Joenateen
::
Rate this Message:
Ok, so let me see if I have this straight. I am seeing two certificates in the end user now. But it is not what I expected. In order to create multiple certificates for a user
1. Create the certificate profiles for each certificate I want to issue. 2. Create the "End Entity Profile" and select the certificates that I want to have issued to a user assigned to a given "End Entity Profile" in the "Available Certificate Profiles" list box (multiselect). 3. Create a user and specify the "End Entity Profile" with aforementioned certificates. 4. Go to the public web section and request the certificates using the "Create Keystore" link. Right? I also am having troubles finding the example code for the external RA function. I don't have SVN for the windows platform. Is there a zip file somewhere?
|
|
|
Re: Multiple Certificates Per End Entity
by Tomas Gustavsson
::
Rate this Message:
Yes, that is correct. What is not as expected with that? Combine it with Thams suggestion and you can create multiple certificates immediately one after the other. The extra zip is available from the download page. It contains all code with tests, samples, docs, etc. http://ejbca.org/download.html Cheers, Tomas Joenateen wrote: > Ok, so let me see if I have this straight. I am seeing two certificates in > the end user now. But it is not what I expected. In order to create multiple > certificates for a user > > 1. Create the certificate profiles for each certificate I want to issue. > 2. Create the "End Entity Profile" and select the certificates that I want > to have issued to a user assigned to a given "End Entity Profile" in the > "Available Certificate Profiles" list box (multiselect). > 3. Create a user and specify the "End Entity Profile" with aforementioned > certificates. > 4. Go to the public web section and request the certificates using the > "Create Keystore" link. > > Right? > > I also am having troubles finding the example code for the external RA > function. I don't have SVN for the windows platform. Is there a zip file > somewhere? > > > Tomas Gustavsson wrote: >> >> Yes it is exactly this that is the purpose of the "user" concept, so you >> can have multiple certificates easily viewable for each user. >> >> Just issue a new certificate for the same username and it will have >> multiple certificates. "Edit End Entity", you can select new certificate >> profiles to have different types of certificates. >> >> Cheers, >> Tomas >> ----- >> PrimeKey Solutions offers a commercial EJBCA support subscription and >> training for EJBCA. Please see www.primekey.se or contact >> info@... for more information. >> http://www.primekey.se/Services/Support/ >> http://www.primekey.se/Services/Training/ >> >> Mark Seaborn wrote: >>> Is it possible to create more than one certificate for any given end >>> entity? I want to be able to create certificates for an end user for >>> different applications and not use the same cert for every user >>> application. I have been and am still digging in the users pages but have >>> not found the answer >>> >>> >>> >>> Thanks >>> >>> Joenateen >>> >>> _________________________________________________________________ >>> Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. >>> http://clk.atdmt.com/GBL/go/196390709/direct/01/ >>> >>> >>> ------------------------------------------------------------------------ >>> >>> ------------------------------------------------------------------------------ >>> This SF.Net email is sponsored by the Verizon Developer Community >>> Take advantage of Verizon's best-in-class app development support >>> A streamlined, 14 day to market process makes app distribution fast and >>> easy >>> Join now and get one step closer to millions of Verizon customers >>> http://p.sf.net/sfu/verizon-dev2dev >>> >>> >>> ------------------------------------------------------------------------ >>> >>> _______________________________________________ >>> Ejbca-develop mailing list >>> Ejbca-develop@... >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> ------------------------------------------------------------------------------ >> This SF.Net email is sponsored by the Verizon Developer Community >> Take advantage of Verizon's best-in-class app development support >> A streamlined, 14 day to market process makes app distribution fast and >> easy >> Join now and get one step closer to millions of Verizon customers >> http://p.sf.net/sfu/verizon-dev2dev >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
|
Re: Multiple Certificates Per End Entity
by Joenateen
::
Rate this Message:
Thanks for the quick response.
So when I follow the steps I listed, I only get one certificate. Specifically the certificate that I ask for in the user interface following the "Create Keystore" link. I do notice that the second step of certificate enrollment asks for which certificate to generate. It generates the certificate specified but I am back to the issue of only getting one certificate. If I go through the process again. It tells me that the user is not in the right state to generate the second certificates. I am sure that I am just using the interfaces wrong. Now if I go back to the admin screens and put the users back in the "New" state, I can generate the second certificate with no problem. I think I made a bad assumption in assuming that I could generate multiple certificates for the user from one pass through the "Create Keystore" interface. Is this the intended behavior for the interface in the "out of the box" functionality?
|
|
|
Re: Multiple Certificates Per End Entity
by ejbca-support
::
Rate this Message:
You are correct that you will need to use the 'create keystore' option
from the public page for each of the certificates you want to create. If you followed the steps I mentioned earlier you should not have to use the admin page to set status to new in between. Kind regards, Tham Joenateen wrote: > Thanks for the quick response. > > So when I follow the steps I listed, I only get one certificate. > Specifically the certificate that I ask for in the user interface following > the "Create Keystore" link. I do notice that the second step of certificate > enrollment asks for which certificate to generate. It generates the > certificate specified but I am back to the issue of only getting one > certificate. If I go through the process again. It tells me that the user is > not in the right state to generate the second certificates. I am sure that I > am just using the interfaces wrong. > > Now if I go back to the admin screens and put the users back in the "New" > state, I can generate the second certificate with no problem. I think I made > a bad assumption in assuming that I could generate multiple certificates for > the user from one pass through the "Create Keystore" interface. > > Is this the intended behavior for the interface in the "out of the box" > functionality? > > > Tomas Gustavsson wrote: > >> Yes, that is correct. What is not as expected with that? Combine it with >> Thams suggestion and you can create multiple certificates immediately >> one after the other. >> >> The extra zip is available from the download page. It contains all code >> with tests, samples, docs, etc. >> http://ejbca.org/download.html >> >> Cheers, >> Tomas >> >> >> Joenateen wrote: >> >>> Ok, so let me see if I have this straight. I am seeing two certificates >>> in >>> the end user now. But it is not what I expected. In order to create >>> multiple >>> certificates for a user >>> >>> 1. Create the certificate profiles for each certificate I want to issue. >>> 2. Create the "End Entity Profile" and select the certificates that I >>> want >>> to have issued to a user assigned to a given "End Entity Profile" in the >>> "Available Certificate Profiles" list box (multiselect). >>> 3. Create a user and specify the "End Entity Profile" with aforementioned >>> certificates. >>> 4. Go to the public web section and request the certificates using the >>> "Create Keystore" link. >>> >>> Right? >>> >>> I also am having troubles finding the example code for the external RA >>> function. I don't have SVN for the windows platform. Is there a zip file >>> somewhere? >>> >>> >>> Tomas Gustavsson wrote: >>> >>>> Yes it is exactly this that is the purpose of the "user" concept, so you >>>> can have multiple certificates easily viewable for each user. >>>> >>>> Just issue a new certificate for the same username and it will have >>>> multiple certificates. "Edit End Entity", you can select new certificate >>>> profiles to have different types of certificates. >>>> >>>> Cheers, >>>> Tomas >>>> ----- >>>> PrimeKey Solutions offers a commercial EJBCA support subscription and >>>> training for EJBCA. Please see www.primekey.se or contact >>>> info@... for more information. >>>> http://www.primekey.se/Services/Support/ >>>> http://www.primekey.se/Services/Training/ >>>> >>>> Mark Seaborn wrote: >>>> >>>>> Is it possible to create more than one certificate for any given end >>>>> entity? I want to be able to create certificates for an end user for >>>>> different applications and not use the same cert for every user >>>>> application. I have been and am still digging in the users pages but >>>>> have >>>>> not found the answer >>>>> >>>>> >>>>> >>>>> Thanks >>>>> >>>>> Joenateen >>>>> >>>>> _________________________________________________________________ >>>>> Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. >>>>> http://clk.atdmt.com/GBL/go/196390709/direct/01/ >>>>> >>>>> >>>>> ------------------------------------------------------------------------ >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> This SF.Net email is sponsored by the Verizon Developer Community >>>>> Take advantage of Verizon's best-in-class app development support >>>>> A streamlined, 14 day to market process makes app distribution fast and >>>>> easy >>>>> Join now and get one step closer to millions of Verizon customers >>>>> http://p.sf.net/sfu/verizon-dev2dev >>>>> >>>>> >>>>> ------------------------------------------------------------------------ >>>>> >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@... >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>> ------------------------------------------------------------------------------ >>>> This SF.Net email is sponsored by the Verizon Developer Community >>>> Take advantage of Verizon's best-in-class app development support >>>> A streamlined, 14 day to market process makes app distribution fast and >>>> easy >>>> Join now and get one step closer to millions of Verizon customers >>>> http://p.sf.net/sfu/verizon-dev2dev >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >>>> >> ------------------------------------------------------------------------------ >> This SF.Net email is sponsored by the Verizon Developer Community >> Take advantage of Verizon's best-in-class app development support >> A streamlined, 14 day to market process makes app distribution fast and >> easy >> Join now and get one step closer to millions of Verizon customers >> http://p.sf.net/sfu/verizon-dev2dev >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> >> > > ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
|
Re: Multiple Certificates Per End Entity
by Joenateen
::
Rate this Message:
oh, I think I get what Thams eluded to now as well.
|
|
|
Re: Multiple Certificates Per End Entity
by Joenateen
::
Rate this Message:
Thanks, that registered after I wrote the last reply. Thanks for you help guys.
|
|
|
Re: Multiple Certificates Per End Entity
by ejbca-support
::
Rate this Message:
You are welcome!
If a 'one click' feature is really important to you you have a couple of options as I see it. 1. You could write your own RA page and use the web service interface to create all the allowed certificates at once. 2. You could add the functionality to EJBCA yourself. I am sure it would be a welcome contribution! 3. You can hire someone to do one of the above. PrimeKey offers professional services of this kind. It all depends on your requirements. I hope things work out. Kind regards, Tham Joenateen wrote: > Thanks, that registered after I wrote the last reply. Thanks for you help > guys. > > > Johan Eklund wrote: > >> You are correct that you will need to use the 'create keystore' option >> from the public page for each of the certificates you want to create. >> >> If you followed the steps I mentioned earlier you should not have to use >> the admin page to set status to new in between. >> >> Kind regards, >> Tham >> >> Joenateen wrote: >> >>> Thanks for the quick response. >>> >>> So when I follow the steps I listed, I only get one certificate. >>> Specifically the certificate that I ask for in the user interface >>> following >>> the "Create Keystore" link. I do notice that the second step of >>> certificate >>> enrollment asks for which certificate to generate. It generates the >>> certificate specified but I am back to the issue of only getting one >>> certificate. If I go through the process again. It tells me that the user >>> is >>> not in the right state to generate the second certificates. I am sure >>> that I >>> am just using the interfaces wrong. >>> >>> Now if I go back to the admin screens and put the users back in the "New" >>> state, I can generate the second certificate with no problem. I think I >>> made >>> a bad assumption in assuming that I could generate multiple certificates >>> for >>> the user from one pass through the "Create Keystore" interface. >>> >>> Is this the intended behavior for the interface in the "out of the box" >>> functionality? >>> >>> >>> Tomas Gustavsson wrote: >>> >>> >>>> Yes, that is correct. What is not as expected with that? Combine it with >>>> Thams suggestion and you can create multiple certificates immediately >>>> one after the other. >>>> >>>> The extra zip is available from the download page. It contains all code >>>> with tests, samples, docs, etc. >>>> http://ejbca.org/download.html >>>> >>>> Cheers, >>>> Tomas >>>> >>>> >>>> Joenateen wrote: >>>> >>>> >>>>> Ok, so let me see if I have this straight. I am seeing two certificates >>>>> in >>>>> the end user now. But it is not what I expected. In order to create >>>>> multiple >>>>> certificates for a user >>>>> >>>>> 1. Create the certificate profiles for each certificate I want to >>>>> issue. >>>>> 2. Create the "End Entity Profile" and select the certificates that I >>>>> want >>>>> to have issued to a user assigned to a given "End Entity Profile" in >>>>> the >>>>> "Available Certificate Profiles" list box (multiselect). >>>>> 3. Create a user and specify the "End Entity Profile" with >>>>> aforementioned >>>>> certificates. >>>>> 4. Go to the public web section and request the certificates using the >>>>> "Create Keystore" link. >>>>> >>>>> Right? >>>>> >>>>> I also am having troubles finding the example code for the external RA >>>>> function. I don't have SVN for the windows platform. Is there a zip >>>>> file >>>>> somewhere? >>>>> >>>>> >>>>> Tomas Gustavsson wrote: >>>>> >>>>> >>>>>> Yes it is exactly this that is the purpose of the "user" concept, so >>>>>> you >>>>>> can have multiple certificates easily viewable for each user. >>>>>> >>>>>> Just issue a new certificate for the same username and it will have >>>>>> multiple certificates. "Edit End Entity", you can select new >>>>>> certificate >>>>>> profiles to have different types of certificates. >>>>>> >>>>>> Cheers, >>>>>> Tomas >>>>>> ----- >>>>>> PrimeKey Solutions offers a commercial EJBCA support subscription and >>>>>> training for EJBCA. Please see www.primekey.se or contact >>>>>> info@... for more information. >>>>>> http://www.primekey.se/Services/Support/ >>>>>> http://www.primekey.se/Services/Training/ >>>>>> >>>>>> Mark Seaborn wrote: >>>>>> >>>>>> >>>>>>> Is it possible to create more than one certificate for any given end >>>>>>> entity? I want to be able to create certificates for an end user for >>>>>>> different applications and not use the same cert for every user >>>>>>> application. I have been and am still digging in the users pages but >>>>>>> have >>>>>>> not found the answer >>>>>>> >>>>>>> >>>>>>> >>>>>>> Thanks >>>>>>> >>>>>>> Joenateen >>>>>>> >>>>>>> _________________________________________________________________ >>>>>>> Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. >>>>>>> http://clk.atdmt.com/GBL/go/196390709/direct/01/ >>>>>>> >>>>>>> >>>>>>> ------------------------------------------------------------------------ >>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> This SF.Net email is sponsored by the Verizon Developer Community >>>>>>> Take advantage of Verizon's best-in-class app development support >>>>>>> A streamlined, 14 day to market process makes app distribution fast >>>>>>> and >>>>>>> easy >>>>>>> Join now and get one step closer to millions of Verizon customers >>>>>>> http://p.sf.net/sfu/verizon-dev2dev >>>>>>> >>>>>>> >>>>>>> ------------------------------------------------------------------------ >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@... >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> This SF.Net email is sponsored by the Verizon Developer Community >>>>>> Take advantage of Verizon's best-in-class app development support >>>>>> A streamlined, 14 day to market process makes app distribution fast >>>>>> and >>>>>> easy >>>>>> Join now and get one step closer to millions of Verizon customers >>>>>> http://p.sf.net/sfu/verizon-dev2dev >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@... >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> This SF.Net email is sponsored by the Verizon Developer Community >>>> Take advantage of Verizon's best-in-class app development support >>>> A streamlined, 14 day to market process makes app distribution fast and >>>> easy >>>> Join now and get one step closer to millions of Verizon customers >>>> http://p.sf.net/sfu/verizon-dev2dev >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >>>> >>>> >>> >>> >> ------------------------------------------------------------------------------ >> This SF.Net email is sponsored by the Verizon Developer Community >> Take advantage of Verizon's best-in-class app development support >> A streamlined, 14 day to market process makes app distribution fast and >> easy >> Join now and get one step closer to millions of Verizon customers >> http://p.sf.net/sfu/verizon-dev2dev >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> >> > > ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
| Free embeddable forum powered by Nabble | Forum Help |
