Problems with ssl cert expired an superadmin.p12
|
View:
New views
4 Messages
—
Rating Filter:
Alert me
|
 |
Problems with ssl cert expired an superadmin.p12
by Andrea Russos
::
Rate this Message:
|
|
|
Re: Problems with ssl cert expired an superadmin.p12
by Johan Eklund
::
Rate this Message:
Hi Andrea,
You can batch-generate a new superadmin.p12 just as you did with the tomcat keystore. (username=superadmin). The certificate validity is taken from the CertificateProfile you used to generate the certificate (e.g. 730 days). So certificates will expire after this period. In later versions of EJBCA there is a CertificateExpirationService that can warn you when any cert is about to expire. Best Regards and good luck, Johan Andrea skrev: > Hi all, > > I'm running ejbca Ejbca-3_4_3 qnd aiìm facing this problem: > > Yesterday my ssl_cert expired ... :-( > So, i followed the procedure with the CLI reported on ejbca-manual: > > 1. bin/ejbca.sh ra setuserstatus tomcat 10 > 2. bin/ejbca.sh ra setclearpwd tomcat <password from > httpsserver.password> > 3. bin/ejbca.sh batch > 4. cp p12/tomcat.jks $APPSRV_HOME/server/default/conf/keystore.jks > 5. Restart JBoss. > > After restarting Jboss i noticed that when i try to open the admin-gui ( > which refer to https ) my browser tell me i'm using a superadmin.p12 > certificate that is expired..... so my questions: > > 1) How can i re-generate a new superadmin.p12 based on the new > keystore.jks ?? > 2) ....will i find that the clients p12 files i've generated are steel > valid, or not ?? > > Thanks a lot in advance, > > --Andrea > > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > _______________________________________________ > Ejbca-develop mailing list > Ejbca-develop@... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > -- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact info@... for more information. http://download.primekey.se/documents/ejbca_subscription.pdf http://download.primekey.se/documents/ejbca_training.pdf ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
|
Re: Problems with ssl cert expired an superadmin.p12
by Andrea Russos
::
Rate this Message:
|
|
|
Re: Problems with ssl cert expired an superadmin.p12
by Johan Eklund
::
Rate this Message:
Andrea skrev:
> Andrea ha scritto: > >> Hi all, >> >> I'm running ejbca Ejbca-3_4_3 qnd aiìm facing this problem: >> >> Yesterday my ssl_cert expired ... :-( >> So, i followed the procedure with the CLI reported on ejbca-manual: >> >> 1. bin/ejbca.sh ra setuserstatus tomcat 10 >> 2. bin/ejbca.sh ra setclearpwd tomcat <password from >> httpsserver.password> >> 3. bin/ejbca.sh batch >> 4. cp p12/tomcat.jks $APPSRV_HOME/server/default/conf/keystore.jks >> 5. Restart JBoss. >> >> After restarting Jboss i noticed that when i try to open the admin-gui ( >> which refer to https ) my browser tell me i'm using a superadmin.p12 >> certificate that is expired..... so my questions: >> >> 1) How can i re-generate a new superadmin.p12 based on the new >> keystore.jks ?? >> 2) ....will i find that the clients p12 files i've generated are steel >> valid, or not ?? >> >> Thanks a lot in advance, >> >> --Andrea >> >> >> ------------------------------------------------------------------------------ >> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day >> trial. Simplify your report design, integration and deployment - and focus on >> what you do best, core application coding. Discover what's new with >> Crystal Reports now. http://p.sf.net/sfu/bobj-july >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> >> >> > ...I resolved the problem !! > > I regenerate the superadmin.p12 with the same procedure; so i did: > > ./ejbca.sh ra setuserstatus superadmin 10 > ./ejbca.sh ra setclearpwd superadmin <MY PASSWD> > ./ejbca.sh batch > > I imported the new superadmin.p12 file in my browser and know it's OK !! > > ...Thanks a lot and sorry for the ( probaly ) silly question ..... > > --Andrea > > -- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact info@... for more information. http://download.primekey.se/documents/ejbca_subscription.pdf http://download.primekey.se/documents/ejbca_training.pdf ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
smime.p7s (3K) | Free embeddable forum powered by Nabble | Forum Help |
