muzzol wrote:
hi, i want to generate a certificate request from command line to send to an external CA. this is what i use: certutil -S -n "test-server" -s "CN=testserver.example.com" -c "CA auth" -t "u,u,u" -m 1023 -v 120 -d . and i get this error: certutil: unable to retrieve key CA auth: The private key for this certificate cannot be found in key database i've imported the root cert for CA auth though the GUI but certutil seems not to find it. if i create the request via GUI everything is fine, but i need to use certutil because i need to pass additional parameters not supported by the GUI. any hints?
-S generates a certificate using a CA from the same database. You want to create a Certificiate Signing Request (CSR). Try this:
certutil -R -s "CN=testserver.example.com" -d . -a This will produce a base64-encoded CSR that you can pass along to your CA. rob -- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
