#120 Enroll EC keys with SCEP
Opened 6 months ago by brunovernay. Modified 6 months ago

Might be more of a Feature Request, but shouldn't it be possible to use an EC key for the certificate (the CSR, the PKCS#10) but specify another RSA key (from another certificate) for the PKCS#7 wrapper??
https://pagure.io/certmonger/blob/master/f/src/scepgen-o.c#_760

The idea would be to have options to do like this https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/administration_guide/enrolling_a_certificate_in_a_cisco_router#issuing-ecc-certificates-with-scep


I suppose it's possible but it is not likely something we would prioritize.

https://www.youtube.com/watch?v=-mTnY0C4muo

Is the project targeting quantum resistant crypto? The roadmap is empty (or managed elsewhere)

In the meantime, Embedded devices, "IoT" could benefit from Active Directory Certificate Service and their "Network Device Enrolment Service NDES" SCEP server implementation.

Login to comment on this ticket.

Metadata