You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using EJBCA for SCEP enrollment. It is not possible for me to call getca because the response is 404 wrong (or missing) MIME content type. Any ideas?
$ sscep getca -u http://ejbca.domain.tld/ejbca/publicweb/apply/scep/demo/pkiclient.exe -c /tmp/ca.crt -vd
sscep: starting sscep, version 0.10.0
sscep: new transaction
sscep: transaction id: SSCEP transactionId
sscep: hostname: ejbca.domain.tld
sscep: directory: ejbca/publicweb/apply/scep/demo/pkiclient.exe
sscep: port: 80
sscep: SCEP_OPERATION_GETCAPS
sscep: scep request:
GET /ejbca/publicweb/apply/scep/demo/pkiclient.exe?operation=GetCACaps HTTP/1.1
Host: ejbca.domain.tld
Connection: close
sscep: connecting to ejbca.domain.tld:80
sscep: server response status code: 200, MIME header: text/plain
POSTPKIOperation
Renewal
SHA-512
SHA-256
SHA-1
DES3
sscep: scep caps bitmask: 0x02ba
sscep: SCEP_OPERATION_GETCA
sscep: scep request:
GET /ejbca/publicweb/apply/scep/demo/pkiclient.exe?operation=GetCACert&message=CAIdentifier HTTP/1.1
Host: ejbca.domain.tld
Connection: close
sscep: connecting to ejbca.domain.tld:80
sscep: server response status code: 404, MIME header: text/html
sscep: wrong (or missing) MIME content type
sscep: error while sending message
The text was updated successfully, but these errors were encountered:
Bug found. When calling with -i '' then it works well.
$ sscep getca -u http://ejbca.domain.tld/ejbca/publicweb/apply/scep/demo/pkiclient.exe -c /tmp/ca.crt -i '' -vd
[...]
sscep: scep caps bitmask: 0x02ba
sscep: SCEP_OPERATION_GETCA
sscep: scep request:
GET /ejbca/publicweb/apply/scep/demo/pkiclient.exe?operation=GetCACert HTTP/1.1
Host: ejbca.domain.tld
Connection: close
sscep: connecting to ejbca.domain.tld:80
sscep: server response status code: 200, MIME header: application/x-x509-ca-ra-cert
sscep: valid response from server
[...]
If no parameter -i is defined, then the GET request must not include the MESSAGE.
oregano87
changed the title
Trying SSCEP with EJBCA but it returns an error
CAIdentifier will send with GETCA even it is not defined in the call
Oct 26, 2022
I am using EJBCA for SCEP enrollment. It is not possible for me to call getca because the response is 404 wrong (or missing) MIME content type. Any ideas?
The text was updated successfully, but these errors were encountered: