Currently to submit a CSR, this can be done through browser, but to submit a CSR through CLI, the current method is to get the profile XML, edit the XML and put the CSR in the XML. This requires editing the XML and hand-crafting it.
Is it possible to add a feature to add support of adding CSR to client-cert-request without editing profile XML?
This is already implemented in ticket #456 in commit ec9c68d68eabff3784fcf6dabf2c6745734b3c9c.
The CSR can be submitted from CLI without an XML file as follows:
$ pki ca-cert-request-submit --profile caUserCert \ --request-type pkcs10 --csr-file testuser.csr --subject uid=testuser
It's documented here: http://pki.fedoraproject.org/wiki/PKI_Certificate_CLI#Submitting_a_Certificate_Request
There's also ticket #1705 to not require the subject DN parameter.
Metadata Update from @mrniranjan: - Issue set to the milestone: 10.3.0
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2275
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.