User Guide

Endi S. Dewata edited this page Jan 20, 2023 · 5 revisions

Using SSCEP

Installation

$ dnf copr enable @pki/sscep
$ dnf install sscep

Getting CA Certificate

$ sscep getca \
    -u http://pki.example.com:8080/ca/cgi-bin/pkiclient.exe \
    -c ca.crt
$ openssl x509 -text -noout -in ca.crt
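
The getca step above fetches ca.crt over plain HTTP, so the certificate should be compared with a fingerprint obtained out of band before it is used for enrollment. The following is an added example, not part of the original wiki page or the SSCEP project; the function names and the script name verify-ca.sh are hypothetical, and it assumes the CA administrator publishes the SHA-256 fingerprint.

```shell
#!/bin/sh
# Added example: pin the CA certificate fetched by "sscep getca" before enrolling.
# The expected value is a SHA-256 fingerprint obtained out of band (assumption:
# the CA administrator publishes it); colons and letter case are ignored.

# Print the SHA-256 fingerprint of a PEM certificate as bare uppercase hex.
cert_sha256() {
    openssl x509 -noout -fingerprint -sha256 -in "$1" 2>/dev/null |
        sed -e 's/^.*=//' -e 's/://g' | tr 'a-f' 'A-F'
}

# Normalize a user-supplied fingerprint the same way.
normalize_fp() {
    printf '%s' "$1" | tr -d ': \n' | tr 'a-f' 'A-F'
}

# verify_ca_fingerprint CERT EXPECTED
# Returns 0 on match, 1 on mismatch, 2 if CERT is unreadable or not a certificate.
verify_ca_fingerprint() {
    actual=$(cert_sha256 "$1")
    expected=$(normalize_fp "$2")
    if [ "${#actual}" -ne 64 ]; then
        echo "cannot read certificate: $1" >&2
        return 2
    fi
    if [ "$actual" != "$expected" ]; then
        echo "CA fingerprint mismatch for $1" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi
    echo "CA fingerprint OK: $actual"
}

# Usage: sh verify-ca.sh ca.crt <pinned-sha256> && sscep enroll ...
if [ "$#" -eq 2 ]; then
    verify_ca_fingerprint "$1" "$2"
fi
```

A non-zero exit status means ca.crt should not be passed to sscep enroll with -c.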

Enrollment

$ mkrequest -ip $CLIENT_IP Secret.123
$ openssl req -text -noout -in local.csr
$ sscep enroll \
    -u http://pki.example.com:8080/ca/cgi-bin/pkiclient.exe \
    -c ca.crt \
    -k local.key \
    -r local.csr \
    -l local.crt \
    -E 3des \
    -S sha256
$ openssl x509 -text -noout -in local.crt

Using SSCEP Container

Installation

$ podman run \
    --name client \
    --hostname client.example.com \
    --network example \
    --network-alias client.example.com \
    -it \
    --detach \
    quay.io/dogtagpki/sscep

Getting CA Certificate

$ podman exec client sscep getca \
    -u http://pki.example.com:8080/ca/cgi-bin/pkiclient.exe \
    -c ca.crt
$ podman exec client openssl x509 -text -noout -in ca.crt

Enrollment

$ podman exec client mkrequest -ip $CLIENT_IP Secret.123
$ podman exec client openssl req -text -noout -in local.csr
$ podman exec client sscep enroll \
    -u http://pki.example.com:8080/ca/cgi-bin/pkiclient.exe \
    -c ca.crt \
    -k local.key \
    -r local.csr \
    -l local.crt \
    -E 3des \
    -S sha256
$ podman exec client openssl x509 -text -noout -in local.crt