Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 614879 Details for
Bug 859043
ipa-server-install results in error -5987
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
Full log
ipaserver-install.log (text/x-log), 155.25 KB, created by
Marius Vollmer
on 2012-09-20 12:53:06 UTC
(
hide
)
Description:
Full log
Filename:
MIME Type:
Creator:
Marius Vollmer
Created:
2012-09-20 12:53:06 UTC
Size:
155.25 KB
patch
obsolete
>2012-09-20T12:32:08Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:32:08Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2012-09-20T12:32:08Z DEBUG httpd is not configured >2012-09-20T12:32:08Z DEBUG kadmin is not configured >2012-09-20T12:32:08Z DEBUG dirsrv is not configured >2012-09-20T12:32:08Z DEBUG pki-cad is not configured >2012-09-20T12:32:08Z DEBUG pkids is not configured >2012-09-20T12:32:08Z DEBUG install is not configured >2012-09-20T12:32:08Z DEBUG krb5kdc is not configured >2012-09-20T12:32:08Z DEBUG ntpd is not configured >2012-09-20T12:32:08Z DEBUG named is not configured >2012-09-20T12:32:08Z DEBUG ipa_memcached is not configured >2012-09-20T12:32:08Z DEBUG filestore is tracking no files >2012-09-20T12:32:08Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' >2012-09-20T12:32:08Z DEBUG /sbin/ipa-server-install was invoked with options: {'zone_refresh': 30, 'reverse_zone': None, 'setup_pkinit': True, 'realm_name': 'FI.LAN', 'create_sshfp': True, 'conf_sshd': True, 'conf_ntp': True, 'subject': None, 'no_forwarders': False, 'ui_redirect': True, 'domain_name': 'fi.lan', 'idmax': 0, 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None, 'unattended': False, 'pkinit_pkcs12': None, 'selfsign': False, 'trust_sshfp': False, 'external_ca_file': None, 'no_host_dns': False, 'http_pkcs12': None, 'zone_notif': False, 'forwarders': None, 'idstart': 1380800000, 'external_ca': False, 'ip_address': None, 'zonemgr': None, 'setup_dns': True, 'host_name': None, 'debug': False, 'external_cert_file': None, 'uninstall': False, 'pkinit_pin': None} >2012-09-20T12:32:08Z DEBUG missing options might be asked for interactively later > >2012-09-20T12:32:08Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2012-09-20T12:32:08Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:32:18Z DEBUG will use host_name: fi.lan > >2012-09-20T12:32:32Z DEBUG args=/sbin/ip -family inet -oneline address show >2012-09-20T12:32:32Z DEBUG stdout=1: lo inet 127.0.0.1/8 scope host lo >2: eth0 inet 192.168.100.30/24 brd 192.168.100.255 scope global eth0 > >2012-09-20T12:32:32Z DEBUG stderr= >2012-09-20T12:32:45Z DEBUG will use dns_forwarders: [] > >2012-09-20T12:32:58Z DEBUG importing all plugin modules in '/usr/lib/python2.7/site-packages/ipalib/plugins'... >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/aci.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/automember.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/automount.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/batch.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/cert.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/config.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/delegation.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/entitle.py' >2012-09-20T12:32:58Z DEBUG skipping plugin module ipalib.plugins.entitle: No module named rhsm.connection >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/group.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacrule.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvc.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbacsvcgroup.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hbactest.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/host.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/hostgroup.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/internal.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/kerberos.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/krbtpolicy.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/migration.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/misc.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/netgroup.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/passwd.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/ping.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/pkinit.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/privilege.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/pwpolicy.py' >2012-09-20T12:32:58Z DEBUG args=klist -V >2012-09-20T12:32:58Z DEBUG stdout=Kerberos 5 version 1.10.2 > >2012-09-20T12:32:58Z DEBUG stderr= >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/role.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/selfservice.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/selinuxusermap.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/service.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmd.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudocmdgroup.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/sudorule.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/user.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/virtual.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipalib/plugins/xmlclient.py' >2012-09-20T12:32:58Z DEBUG importing all plugin modules in '/usr/lib/python2.7/site-packages/ipaserver/install/plugins'... >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/baseupdate.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/dns.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/fix_replica_memberof.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/rename_managed.py' >2012-09-20T12:32:58Z DEBUG importing plugin module '/usr/lib/python2.7/site-packages/ipaserver/install/plugins/updateclient.py' >2012-09-20T12:32:59Z DEBUG args=/usr/sbin/groupadd -r dirsrv >2012-09-20T12:32:59Z DEBUG stdout= >2012-09-20T12:32:59Z DEBUG stderr= >2012-09-20T12:32:59Z DEBUG done adding DS group >2012-09-20T12:32:59Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:32:59Z DEBUG Configuring ntpd >2012-09-20T12:32:59Z DEBUG [1/4]: stopping ntpd >2012-09-20T12:32:59Z DEBUG args=/bin/systemctl is-active ntpd.service >2012-09-20T12:32:59Z DEBUG stdout=unknown > >2012-09-20T12:32:59Z DEBUG stderr= >2012-09-20T12:32:59Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:32:59Z DEBUG args=/bin/systemctl stop ntpd.service >2012-09-20T12:32:59Z DEBUG stdout= >2012-09-20T12:32:59Z DEBUG stderr= >2012-09-20T12:32:59Z DEBUG duration: 0 seconds >2012-09-20T12:32:59Z DEBUG [2/4]: writing configuration >2012-09-20T12:32:59Z DEBUG Backing up system configuration file '/etc/ntp.conf' >2012-09-20T12:32:59Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' >2012-09-20T12:32:59Z DEBUG Backing up system configuration file '/etc/sysconfig/ntpd' >2012-09-20T12:32:59Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' >2012-09-20T12:32:59Z DEBUG duration: 0 seconds >2012-09-20T12:32:59Z DEBUG [3/4]: configuring ntpd to start on boot >2012-09-20T12:32:59Z DEBUG args=/bin/systemctl is-enabled ntpd.service >2012-09-20T12:32:59Z DEBUG stdout=disabled > >2012-09-20T12:32:59Z DEBUG stderr= >2012-09-20T12:32:59Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:32:59Z DEBUG args=/bin/systemctl enable ntpd.service >2012-09-20T12:32:59Z DEBUG stdout= >2012-09-20T12:32:59Z DEBUG stderr=ln -s '/usr/lib/systemd/system/ntpd.service' '/etc/systemd/system/multi-user.target.wants/ntpd.service' > >2012-09-20T12:32:59Z DEBUG duration: 0 seconds >2012-09-20T12:32:59Z DEBUG [4/4]: starting ntpd >2012-09-20T12:32:59Z DEBUG args=/bin/systemctl start ntpd.service >2012-09-20T12:32:59Z DEBUG stdout= >2012-09-20T12:32:59Z DEBUG stderr= >2012-09-20T12:32:59Z DEBUG duration: 0 seconds >2012-09-20T12:32:59Z DEBUG done configuring ntpd. >2012-09-20T12:32:59Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:32:59Z DEBUG Configuring directory server for the CA: Estimated time 30 seconds >2012-09-20T12:32:59Z DEBUG [1/3]: creating directory server user >2012-09-20T12:32:59Z DEBUG adding ds user pkisrv >2012-09-20T12:33:00Z DEBUG args=/usr/sbin/useradd -g dirsrv -c PKI DS System User -d /var/lib/dirsrv -s /sbin/nologin -M -r pkisrv >2012-09-20T12:33:00Z DEBUG stdout= >2012-09-20T12:33:00Z DEBUG stderr= >2012-09-20T12:33:00Z DEBUG done adding user >2012-09-20T12:33:00Z DEBUG duration: 0 seconds >2012-09-20T12:33:00Z DEBUG [2/3]: creating directory server instance >2012-09-20T12:33:00Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:33:00Z DEBUG writing inf template >2012-09-20T12:33:00Z DEBUG >[General] >FullMachineName= fi.lan >SuiteSpotUserID= pkisrv >SuiteSpotGroup= dirsrv >ServerRoot= /usr/lib64/dirsrv >[slapd] >ServerPort= 7389 >ServerIdentifier= PKI-IPA >Suffix= dc=fi,dc=lan >RootDN= cn=Directory Manager > >2012-09-20T12:33:00Z DEBUG calling setup-ds.pl >2012-09-20T12:34:04Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpKbq8iV >2012-09-20T12:34:04Z DEBUG stdout=[12/09/20:15:34:04] - [Setup] Info Your new DS instance 'PKI-IPA' was successfully created. >Your new DS instance 'PKI-IPA' was successfully created. >[12/09/20:15:34:04] - [Setup] Success Exiting . . . >Log file is '-' > >Exiting . . . >Log file is '-' > > >2012-09-20T12:34:04Z DEBUG stderr= >2012-09-20T12:34:04Z DEBUG completed creating ds instance >2012-09-20T12:34:04Z DEBUG duration: 64 seconds >2012-09-20T12:34:04Z DEBUG [3/3]: restarting directory server >2012-09-20T12:34:04Z DEBUG args=/bin/systemctl --system daemon-reload >2012-09-20T12:34:04Z DEBUG stdout= >2012-09-20T12:34:04Z DEBUG stderr= >2012-09-20T12:34:04Z DEBUG args=/usr/sbin/selinuxenabled >2012-09-20T12:34:04Z DEBUG stdout= >2012-09-20T12:34:04Z DEBUG stderr= >2012-09-20T12:34:04Z DEBUG args=/sbin/restorecon /etc/sysconfig/dirsrv.systemd >2012-09-20T12:34:04Z DEBUG stdout= >2012-09-20T12:34:04Z DEBUG stderr= >2012-09-20T12:34:04Z DEBUG args=/bin/systemctl --system daemon-reload >2012-09-20T12:34:04Z DEBUG stdout= >2012-09-20T12:34:04Z DEBUG stderr= >2012-09-20T12:34:06Z DEBUG args=/bin/systemctl restart dirsrv@PKI-IPA.service >2012-09-20T12:34:06Z DEBUG stdout= >2012-09-20T12:34:06Z DEBUG stderr= >2012-09-20T12:34:06Z DEBUG args=/bin/systemctl is-active dirsrv@PKI-IPA.service >2012-09-20T12:34:06Z DEBUG stdout=active > >2012-09-20T12:34:06Z DEBUG stderr= >2012-09-20T12:34:06Z DEBUG duration: 1 seconds >2012-09-20T12:34:06Z DEBUG done configuring pkids. >2012-09-20T12:34:06Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:34:06Z DEBUG Configuring certificate server: Estimated time 3 minutes 30 seconds >2012-09-20T12:34:06Z DEBUG [1/18]: creating certificate server user >2012-09-20T12:34:06Z DEBUG adding ca user pkiuser >2012-09-20T12:34:06Z DEBUG args=/usr/sbin/useradd -c CA System User -d /var/lib -s /sbin/nologin -M -r pkiuser >2012-09-20T12:34:06Z DEBUG stdout= >2012-09-20T12:34:06Z DEBUG stderr= >2012-09-20T12:34:06Z DEBUG done adding user >2012-09-20T12:34:06Z DEBUG duration: 0 seconds >2012-09-20T12:34:06Z DEBUG [2/18]: creating pki-ca instance >2012-09-20T12:34:12Z DEBUG args=/usr/bin/pkicreate -pki_instance_root /var/lib -pki_instance_name pki-ca -subsystem_type ca -agent_secure_port 9443 -ee_secure_port 9444 -admin_secure_port 9445 -ee_secure_client_auth_port 9446 -unsecure_port 9180 -tomcat_server_port 9701 -redirect conf=/etc/pki-ca -redirect logs=/var/log/pki-ca -enable_proxy >2012-09-20T12:34:12Z DEBUG stdout=PKI instance creation Utility ... > >Capturing installation information in /var/log/pki-ca-install.log > >PKI instance creation completed ... > >Installation information recorded in /var/log/pki-ca-install.log. >Before proceeding with the configuration, make sure >the firewall settings of this machine permit proper >access to this subsystem. > >Please start the configuration by accessing: > >https://fi.lan:9445/ca/admin/console/config/login?pin=ViPUlFMru7KmTBpiQLfY > >After configuration, the server can be operated by the command: > > /bin/systemctl restart pki-cad@pki-ca.service > > >2012-09-20T12:34:12Z DEBUG stderr=[error] Failed setting selinux context pki_ca_port_t for 9180. Port already defined otherwise. >[error] Failed setting selinux context pki_ca_port_t for 9701. Port already defined otherwise. >[error] Failed setting selinux context pki_ca_port_t for 9443. Port already defined otherwise. >[error] Failed setting selinux context pki_ca_port_t for 9444. Port already defined otherwise. >[error] Failed setting selinux context pki_ca_port_t for 9446. Port already defined otherwise. >[error] Failed setting selinux context pki_ca_port_t for 9445. Port already defined otherwise. >[error] Failed setting selinux context pki_ca_port_t for 9447. Port already defined otherwise. > >2012-09-20T12:34:12Z DEBUG duration: 5 seconds >2012-09-20T12:34:12Z DEBUG [3/18]: configuring certificate server instance >2012-09-20T12:34:44Z DEBUG args=/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname fi.lan -cs_port 9445 -client_certdb_dir /tmp/tmp-56Kk3t -client_certdb_pwd XXXXXXXX -preop_pin ViPUlFMru7KmTBpiQLfY -domain_name IPA -admin_user admin -admin_email root@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject CN=ipa-ca-agent,O=FI.LAN -ldap_host fi.lan -ldap_port 7389 -bind_dn cn=Directory Manager -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name CN=CA Subsystem,O=FI.LAN -ca_ocsp_cert_subject_name CN=OCSP Subsystem,O=FI.LAN -ca_server_cert_subject_name CN=fi.lan,O=FI.LAN -ca_audit_signing_cert_subject_name CN=CA Audit,O=FI.LAN -ca_sign_cert_subject_name CN=Certificate Authority,O=FI.LAN -external false -clone false >2012-09-20T12:34:44Z DEBUG stdout=libpath=/usr/lib64 >####################################################################### >CRYPTO INIT WITH CERTDB:/tmp/tmp-56Kk3t >tokenpwd:XXXXXXXX >############################################# >Attempting to connect to: fi.lan:9445 >in TestCertApprovalCallback.approve() >Peer cert details: > subject: CN=fi.lan,O=2012-09-20 15:34:07 > issuer: CN=fi.lan,O=2012-09-20 15:34:07 > serial: 0 >item 1 reason=-8156 depth=1 > cert details: > subject: CN=fi.lan,O=2012-09-20 15:34:07 > issuer: CN=fi.lan,O=2012-09-20 15:34:07 > serial: 0 >item 2 reason=-8172 depth=1 > cert details: > subject: CN=fi.lan,O=2012-09-20 15:34:07 > issuer: CN=fi.lan,O=2012-09-20 15:34:07 > serial: 0 >importing certificate. >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/login?pin=ViPUlFMru7KmTBpiQLfY&xml=true >RESPONSE STATUS: HTTP/1.1 302 Moved Temporarily >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Set-Cookie: JSESSIONID=D4A67914C2A3F937748142A5C7A83735; Path=/ca; Secure >RESPONSE HEADER: Location: https://fi.lan:9445/ca/admin/console/config/wizard >RESPONSE HEADER: Content-Type: text/html;charset=UTF-8 >RESPONSE HEADER: Content-Length: 0 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:16 GMT >RESPONSE HEADER: Connection: keep-alive >xml returned: >cookie list: JSESSIONID=D4A67914C2A3F937748142A5C7A83735; Path=/ca; Secure >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=0&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:16 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/modulepanel.vm</panel> > <res/> > <showApplyButton/> > <status>display</status> > <subpanelno>2</subpanelno> > <sms> > <Vector> > <Module> > <CommonName>NSS Internal PKCS #11 Module</CommonName> > <UserFriendlyName>NSS Internal PKCS #11 Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > <Module> > <CommonName>nfast</CommonName> > <UserFriendlyName>nCipher's nFast Token Hardware Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > <Module> > <CommonName>lunasa</CommonName> > <UserFriendlyName>SafeNet's LunaSA Token Hardware Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > </Vector> > </sms> > <errorString/> > <size>19</size> > <title>Key Store</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>1</p> > <name>CA Setup Wizard</name> > <oms> > <Vector/> > </oms> > <defTok>Internal Key Storage Token</defTok> > <req/> > <panelname>module</panelname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=1&op=next&xml=true&choice=Internal+Key+Storage+Token >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:17 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <machineName>fi.lan</machineName> > <panel>admin/console/config/securitydomainpanel.vm</panel> > <res/> > <initCommand>/usr/bin/pkicontrol</initCommand> > <showApplyButton/> > <sdomainName> Domain</sdomainName> > <sdomainURL>https://fi.lan:9445</sdomainURL> > <http_ee_port>80</http_ee_port> > <systemname>CA</systemname> > <title>Security Domain</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <sdomainAdminURL>https://fi.lan:9445</sdomainAdminURL> > <check_existingdomain/> > <name>CA Setup Wizard</name> > <https_ee_port>443</https_ee_port> > <https_admin_port>443</https_admin_port> > <panelname>securitydomain</panelname> > <https_agent_port>443</https_agent_port> > <cstype>CA</cstype> > <instanceId>ca pki-cad@pki-ca.service</instanceId> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <p>3</p> > <check_newdomain>checked</check_newdomain> > <req/> > <wizardname>CA Setup Wizard</wizardname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?sdomainURL=https%3A%2F%2Ffi.lan%3A9445&sdomainName=IPA&choice=newdomain&p=3&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:17 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <machineName>fi.lan</machineName> > <panel>admin/console/config/createsubsystempanel.vm</panel> > <res/> > <showApplyButton/> > <disableClone>true</disableClone> > <systemname>CA</systemname> > <title>Subsystem Type</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <check_clonesubsystem/> > <name>CA Setup Wizard</name> > <https_ee_port>443</https_ee_port> > <https_admin_port>443</https_admin_port> > <fullsystemname>Certificate Authority</fullsystemname> > <http_port>80</http_port> > <panelname>subsystem</panelname> > <https_agent_port>443</https_agent_port> > <cstype>CA</cstype> > <urls> > <Vector/> > </urls> > <check_newsubsystem>checked</check_newsubsystem> > <subsystemName>Certificate Authority</subsystemName> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <p>5</p> > <req/> > <wizardname>CA Setup Wizard</wizardname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=5&op=next&xml=true&choice=newsubsystem&subsystemName=pki-cad >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:17 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/hierarchypanel.vm</panel> > <res/> > <showApplyButton/> > <check_root>checked</check_root> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <title>PKI Hierarchy</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>8</p> > <name>CA Setup Wizard</name> > <req/> > <check_join/> > <panelname>cahierarchy</panelname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=8&op=next&xml=true&choice=root >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:17 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/databasepanel.vm</panel> > <res/> > <clone>new</clone> > <bindpwd>(sensitive)</bindpwd> > <showApplyButton/> > <portStr>389</portStr> > <cloneStartTLS>off</cloneStartTLS> > <updateStatus>success</updateStatus> > <hostname>localhost</hostname> > <errorString/> > <database>fi.lan-pki-ca</database> > <binddn>cn=Directory Manager</binddn> > <size>19</size> > <firsttime>true</firsttime> > <title>Internal Database</title> > <secureConn>off</secureConn> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>9</p> > <name>CA Setup Wizard</name> > <basedn>dc=fi.lan-pki-ca</basedn> > <req/> > <panelname>database</panelname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=9&op=next&xml=true&host=fi.lan&port=7389&binddn=cn%3DDirectory+Manager&__bindpwd=XXXXXXXX&basedn=o%3Dipaca&database=ipaca&display=%24displayStr >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:29 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/sizepanel.vm</panel> > <res/> > <ecclist>SHA256withEC,SHA1withEC,SHA384withEC,SHA512withEC</ecclist> > <portStr>7389</portStr> > <showApplyButton/> > <cloneStartTLS>off</cloneStartTLS> > <default_keysize>2048</default_keysize> > <firsttime>true</firsttime> > <title>Key Pairs</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <name>CA Setup Wizard</name> > <panelname>size</panelname> > <subsystemtype>ca</subsystemtype> > <rsalist>SHA256withRSA,SHA1withRSA,SHA512withRSA,MD5withRSA,MD2withRSA</rsalist> > <bindpwd>(sensitive)</bindpwd> > <rsaTags>audit_signing</rsaTags> > <select>new</select> > <default_ecc_curvename>nistp256</default_ecc_curvename> > <updateStatus>success</updateStatus> > <hselect>root</hselect> > <hostname>fi.lan</hostname> > <displaycurvelist>nistp256 (secp256r1),nistp384 (secp384r1),nistp521 (secp521r1),nistk163 (sect163k1),sect163r1,nistb163 (sect163r2),sect193r1,sect193r2,nistk233 (sect233k1),nistb233 (sect233r1),sect239k1,nistk283 (sect283k1),nistb283 (sect283r1),nistk409 (sect409k1),nistb409 (sect409r1),nistk571 (sect571k1),nistb571 (sect571r1),secp160k1,secp160r1,secp160r2,secp192k1,nistp192 (secp192r1, prime192v1),secp224k1,nistp224 (secp224r1),secp256k1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2</displaycurvelist> > <curvelist>nistp256,nistp384,nistp521,sect163k1,nistk163,sect163r1,sect163r2,nistb163,sect193r1,sect193r2,sect233k1,nistk233,sect233r1,nistb233,sect239k1,sect283k1,nistk283,sect283r1,nistb283,sect409k1,nistk409,sect409r1,nistb409,sect571k1,nistk571,sect571r1,nistb571,secp160k1,secp160r1,secp160r2,secp192k1,secp192r1,nistp192,secp224k1,secp224r1,nistp224,secp256k1,secp256r1,secp384r1,secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2</curvelist> > <database>ipaca</database> > <binddn>cn=Directory Manager</binddn> > <errorString/> > <size>19</size> > <show_signing>true</show_signing> > <secureConn>off</secureConn> > <certs> > <Vector> > <CertReqPair> > <Nickname>caSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>ocspSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>Server-Cert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>subsystemCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>auditSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > </Vector> > </certs> > <p>10</p> > <basedn>o=ipaca</basedn> > <req/> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=10&op=next&xml=true&subsystem_custom_size=2048&subsystem_custom_curvename=nistp256&subsystem_keytype=rsa&subsystem_choice=custom&sslserver_custom_size=2048&sslserver_custom_curvename=nistp256&sslserver_keytype=rsa&sslserver_choice=custom&signing_custom_size=2048&signing_custom_curvename=nistp256&signing_keytype=rsa&signing_choice=custom&signing_keyalgorithm=SHA256withRSA&signing_signingalgorithm=SHA256withRSA&ocsp_signing_custom_size=2048&ocsp_signing_custom_curvename=nistp256&ocsp_signing_keytype=rsa&ocsp_signing_choice=custom&ocsp_signing_signingalgorithm=SHA256withRSA&audit_signing_custom_size=2048&audit_signing_custom_curvename=nistp256&audit_signing_keytype=rsa&audit_signing_choice=custom&custom_size=2048&custom_curvename=nistp256&keytype=rsa&choice=custom&signingalgorithm=SHA256withRSA&keyalgorithm=SHA256withRSA >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:32 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/namepanel.vm</panel> > <res/> > <showApplyButton/> > <select>new</select> > <urls> > <Vector>External CA</Vector> > </urls> > <updateStatus>success</updateStatus> > <isRoot>true</isRoot> > <errorString/> > <size>19</size> > <firsttime>true</firsttime> > <title>Subject Names</title> > <certs> > <Vector> > <CertReqPair> > <Nickname>caSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>selfsign</Type> > <DN>CN=Certificate Authority,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>ocspSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=OCSP Signing Certificate,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>Server-Cert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=fi.lan,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>subsystemCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=CA Subsystem Certificate,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>auditSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=CA Audit Signing Certificate,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > </Vector> > </certs> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>11</p> > <name>CA Setup Wizard</name> > <req/> > <panelname>subjectname</panelname> ></response> >tag=DN value=CN=Certificate Authority,OU=pki-ca,O=IPA >tag=DN value=CN=OCSP Signing Certificate,OU=pki-ca,O=IPA >tag=DN value=CN=fi.lan,OU=pki-ca,O=IPA >tag=DN value=CN=CA Subsystem Certificate,OU=pki-ca,O=IPA >tag=DN value=CN=CA Audit Signing Certificate,OU=pki-ca,O=IPA >default: ca_cert_name=CN=Certificate Authority,OU=pki-ca,O=IPA >default: ocsp_cert_name=CN=OCSP Signing Certificate,OU=pki-ca,O=IPA >default: ca_subsystem_cert_name=CN=CA Subsystem Certificate,OU=pki-ca,O=IPA >default: ca_audit_signing_cert_name=CN=CA Audit Signing Certificate,OU=pki-ca,O=IPA >default: server_cert_name=CN=fi.lan,OU=pki-ca,O=IPA >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=11&op=next&xml=true&subsystem=CN%3DCA+Subsystem%2CO%3DFI.LAN&ocsp_signing=CN%3DOCSP+Subsystem%2CO%3DFI.LAN&signing=CN%3DCertificate+Authority%2CO%3DFI.LAN&sslserver=CN%3Dfi.lan%2CO%3DFI.LAN&audit_signing=CN%3DCA+Audit%2CO%3DFI.LAN&urls=0 >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:39 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/certrequestpanel.vm</panel> > <res/> > <showApplyButton/> > <reqscerts> > <Vector> > <CertReqPair> > <Nickname>caSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICdjCCAV4CAQAwMTEPMA0GA1UEChMGRkkuTEFOMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRo >b3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDguV9Kjmc1jwT66xwo1qOEpcSf >kJ8xtyo5nDgszkg25IMtHx3s+WdLqlILgEwEDqremqo/xMc/COpiZ3S/TY7kGh+xHov9bJry6WgI >urxCnnayrtP/GtWggZBl0zlXDzomOrC0GdmtzTVx1iT3GvKCj8JAL/NIn2dzPzCcufuII4BcD6uR >nyzof3xN5H++hN2PFPu88Sicz3xv9qi1kDthqLnpvYKaDUGyjRWIzmEtQEcwEwJGX+vNuutny0Ia >qTlPWZuOxjSrTE1bi4j1wLX3kn4oftNm/eBdAW0HgZZrL9ow7Yc/bbmkoPOf06/Qqu0q0CplOEgR >l/1h9yrmxJSHAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAsOYTHm1dPZ1C1fIUnpVaB26fXkGU >VPqJjLzaFMa4bWpkZrY2WC27guTA0BUYOrYbVOHROojqa+gz0kyc1rMkJaYdX4JA3NMOD2n8f7re >8BBtMEXBmSlXeNoCL6RmUGWBAtA9CWbpMycANwGeFYPc2gICeXKGhOFD2HuTd7TFqpRrUKJgQCA3 >r0ginXszoFFHqjWZAVFgSpq723dcn4OpsTNVAMj8gviA9/hX/gCPs5PArYU0t7kKjp9WmCi+N6YR >qx9BnRgYNPXnbtnr5jIh8Eh8rzRJuC2Xfsf/xzSZnB/Jz34CrOXgdMIbFWtQNEeokicYvF12FQsG >DTLvG6Rnvg== >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzNaFw0yMDA5MjAxMjM0MzNa >MDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjAN >BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LlfSo5nNY8E+uscKNajhKXEn5CfMbcqOZw4LM5I >NuSDLR8d7PlnS6pSC4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L/Wya8uloCLq8Qp52sq7T/xrV >oIGQZdM5Vw86JjqwtBnZrc01cdYk9xrygo/CQC/zSJ9ncz8wnLn7iCOAXA+rkZ8s6H98TeR/voTd >jxT7vPEonM98b/aotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl/rzbrrZ8tCGqk5T1mbjsY0q0xN >W4uI9cC195J+KH7TZv3gXQFtB4GWay/aMO2HP225pKDzn9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwID >AQABo4GaMIGXMB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB/wQFMAMB >Af8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEF >BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0B >AQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvldG8TXKTKOMsjIgWKc1WQ >gVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJtAQV7NWBRCbRaR+27sPb5F3VxROFO73Xk >VSgTUDANhNMRsRJqMaa1uP5QiIu93bqhUgtSeruKrQxku21b06JmAa3ZFttebbceOGaX2E/Bn3sB >UkvalYU/Xe0m42zg6SXDe55iFKxAYRsQM7DqUmnhPiNv9J+QphqrpOdytTOVXAia/MyZTlj4/XPH >8GxFoCR5a0Wr++78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyw== >-----END CERTIFICATE-----</Certificate> > <Type>selfsign</Type> > <DN>CN=Certificate Authority,O=FI.LAN</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x1 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=FI.LAN > Validity: > Not Before: Thursday, September 20, 2012 3:34:33 PM EEST Europe/Helsinki > Not After: Sunday, September 20, 2020 3:34:33 PM EEST Europe/Helsinki > Subject: CN=Certificate Authority,O=FI.LAN > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > E0:B9:5F:4A:8E:67:35:8F:04:FA:EB:1C:28:D6:A3:84: > A5:C4:9F:90:9F:31:B7:2A:39:9C:38:2C:CE:48:36:E4: > 83:2D:1F:1D:EC:F9:67:4B:AA:52:0B:80:4C:04:0E:AA: > DE:9A:AA:3F:C4:C7:3F:08:EA:62:67:74:BF:4D:8E:E4: > 1A:1F:B1:1E:8B:FD:6C:9A:F2:E9:68:08:BA:BC:42:9E: > 76:B2:AE:D3:FF:1A:D5:A0:81:90:65:D3:39:57:0F:3A: > 26:3A:B0:B4:19:D9:AD:CD:35:71:D6:24:F7:1A:F2:82: > 8F:C2:40:2F:F3:48:9F:67:73:3F:30:9C:B9:FB:88:23: > 80:5C:0F:AB:91:9F:2C:E8:7F:7C:4D:E4:7F:BE:84:DD: > 8F:14:FB:BC:F1:28:9C:CF:7C:6F:F6:A8:B5:90:3B:61: > A8:B9:E9:BD:82:9A:0D:41:B2:8D:15:88:CE:61:2D:40: > 47:30:13:02:46:5F:EB:CD:BA:EB:67:CB:42:1A:A9:39: > 4F:59:9B:8E:C6:34:AB:4C:4D:5B:8B:88:F5:C0:B5:F7: > 92:7E:28:7E:D3:66:FD:E0:5D:01:6D:07:81:96:6B:2F: > DA:30:ED:87:3F:6D:B9:A4:A0:F3:9F:D3:AF:D0:AA:ED: > 2A:D0:2A:65:38:48:11:97:FD:61:F7:2A:E6:C4:94:87 > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > D8:DE:6E:19:7B:8C:01:C6:E7:9B:85:1A:67:0F:AF:CB: > 6E:7B:5F:23 > Identifier: Basic Constraints - 2.5.29.19 > Critical: yes > Is CA: yes > Path Length Constraint: UNLIMITED > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key CertSign > Crl Sign > Identifier: Subject Key Identifier - 2.5.29.14 > Critical: no > Key Identifier: > D8:DE:6E:19:7B:8C:01:C6:E7:9B:85:1A:67:0F:AF:CB: > 6E:7B:5F:23 > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://fi.lan:80/ca/ocsp > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 4D:10:07:A7:16:C2:C5:06:20:0D:CF:5C:F4:76:A3:3B: > CB:B0:EE:B9:C2:D7:B7:E1:00:8A:80:66:7C:80:25:1B: > E5:74:6F:13:5C:A4:CA:38:CB:23:22:05:8A:73:55:90: > 81:59:3D:AC:04:89:CA:32:23:DE:5A:C0:CB:7F:55:31: > 90:2A:A2:2C:79:40:22:E5:77:65:76:3F:3B:FC:77:02: > 6D:01:05:7B:35:60:51:09:B4:5A:47:ED:BB:B0:F6:F9: > 17:75:71:44:E1:4E:EF:75:E4:55:28:13:50:30:0D:84: > D3:11:B1:12:6A:31:A6:B5:B8:FE:50:88:8B:BD:DD:BA: > A1:52:0B:52:7A:BB:8A:AD:0C:64:BB:6D:5B:D3:A2:66: > 01:AD:D9:16:DB:5E:6D:B7:1E:38:66:97:D8:4F:C1:9F: > 7B:01:52:4B:DA:95:85:3F:5D:ED:26:E3:6C:E0:E9:25: > C3:7B:9E:62:14:AC:40:61:1B:10:33:B0:EA:52:69:E1: > 3E:23:6F:F4:9F:90:A6:1A:AB:A4:E7:72:B5:33:95:5C: > 08:9A:FC:CC:99:4E:58:F8:FD:73:C7:F0:6C:45:A0:24: > 79:6B:45:AB:FB:EE:FC:2E:2C:50:5D:F0:13:D2:C8:99: > 1F:21:C7:CC:5D:70:4D:FA:7A:5E:D3:06:31:22:D5:CB > FingerPrint > MD2: > 11:3F:96:A3:36:BE:CF:69:51:0F:75:4C:4E:F2:0E:13 > MD5: > D8:90:3E:75:07:79:2F:55:79:72:B1:80:0D:EF:77:64 > SHA1: > F5:92:82:DB:36:D8:15:E7:EF:CA:A9:00:54:85:C8:87: > 3A:D8:AD:D9 > SHA256: > 20:6D:A6:1B:32:7A:2A:98:28:7E:6C:D7:06:83:AD:47: > 13:ED:2F:85:2D:0C:18:01:98:17:77:33:44:A2:52:0F > SHA512: > BF:7A:3C:56:A3:76:B5:33:D3:8A:CA:78:2C:1D:7B:E1: > 8D:2E:9C:99:B2:23:26:67:BF:F7:1D:5E:18:B4:11:6D: > 86:4D:5D:57:FD:04:E0:68:EC:F7:55:26:89:45:C0:78: > EA:1C:80:F6:2A:57:46:25:33:7C:52:8B:B4:7B:F1:DF ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>ocspSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICbzCCAVcCAQAwKjEPMA0GA1UEChMGRkkuTEFOMRcwFQYDVQQDEw5PQ1NQIFN1YnN5c3RlbTCC >ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3LtZX/dmV4B59pSyqcao4VslrlJG1JmmPA >/loar2t9U8+oNCNlJEyNXX8vOUQUF0o3tqHkpBl2379Dm4stV5c5gHKqSW6vF+wotJ7h/svXCCu3 >GmVeImbbdP6Yx3yDtk8/lCPwg6cn5WX7uBWlhj4ziqQpNH24ljyPP0XnY4oU8GqBRpE3GjtYTCF9 >xbP+g8AZcRXvLsYVr7Z+LgXxaJoXhi6s7JLpt/662NXoBeESeQrAHP3f3lu5Zuy8yHyUtWDhOl5Z >jdohFY52i7Ifx7zeI5f2CIImSTFEljCCqueXMqoeb/aDp7/eEppNzq8oHxTtUHjevyxlQs2pZWX9 >6Q8CAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAdfNRe1eFMH3twH0YCdiu/Ke6rGX9/BIuJYvbf >jDjwbuZNf2mm/fswMjmqbzuTbd+FPiT3FwyeX9S/MNsZbFCpBOMTIukWX0Jvs0U+j9cZS7SviEsQ >V+dX3pYENwLqrzoFgRXEffUhKGqyOhz29GH94S4g4zEbQwWgGMa8K+IK4gvRbKEtOl6zQCqq+eqr >pTUpXe0jnMz9tEdgri9EaHfYsA+zd9rZzZDHU9eHtRFybkCW0DEVjZq09g2WTE/myjhGqZJIkxjr >L6s/YS5zFNRzTPnIJ08/avJ4k0dyPM2qY9x3ufbB9m9iVPX7c4FVUdCkt3oLh56Lgvsj71k8gsXB >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa >MCoxDzANBgNVBAoTBkZJLkxBTjEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0wggEiMA0GCSqGSIb3 >DQEBAQUAA4IBDwAwggEKAoIBAQDNy7WV/3ZleAefaUsqnGqOFbJa5SRtSZpjwP5aGq9rfVPPqDQj >ZSRMjV1/LzlEFBdKN7ah5KQZdt+/Q5uLLVeXOYByqklurxfsKLSe4f7L1wgrtxplXiJm23T+mMd8 >g7ZPP5Qj8IOnJ+Vl+7gVpYY+M4qkKTR9uJY8jz9F52OKFPBqgUaRNxo7WEwhfcWz/oPAGXEV7y7G >Fa+2fi4F8WiaF4YurOyS6bf+utjV6AXhEnkKwBz9395buWbsvMh8lLVg4TpeWY3aIRWOdouyH8e8 >3iOX9giCJkkxRJYwgqrnlzKqHm/2g6e/3hKaTc6vKB8U7VB43r8sZULNqWVl/ekPAgMBAAGjfjB8 >MB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB/wQEAwIBxjA0BggrBgEF >BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDATBgNVHSUEDDAK >BggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAQEACw3NoRFRJz4wk85QrzHhe9Z8OvOciT0k9PVO >zdvDSoU/S6xUkfsL7wUPJg5+1d2o8F6l7HhvOtgAGgz8VIXp09HODBo8GrTQdHJ68Zof6jjDugmm >/X/1Y155tjZtI9MOGilCpJ0q6hnGCdeVe6S+IxcAy8G13jKQIzvW2GglnQCeP94sK2wi9Usx13xv >KpjCMHuT2Nf6qQH5dOjRAzryoONfRk/npS2scvfGQEztDpomhfvhaycZKlNSIMApGd2qQKn18NRv >Qp8JldVQAS7wZ+MBNvWplkn8Zr+h9ml/mghk5h4MVVGFzyCX6Gfcm+2kELe/SL4qx6NH5kdoj4FS >kA== >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=OCSP Subsystem,O=FI.LAN</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x2 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=FI.LAN > Validity: > Not Before: Thursday, September 20, 2012 3:34:36 PM EEST Europe/Helsinki > Not After: Wednesday, September 10, 2014 3:34:36 PM EEST Europe/Helsinki > Subject: CN=OCSP Subsystem,O=FI.LAN > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > CD:CB:B5:95:FF:76:65:78:07:9F:69:4B:2A:9C:6A:8E: > 15:B2:5A:E5:24:6D:49:9A:63:C0:FE:5A:1A:AF:6B:7D: > 53:CF:A8:34:23:65:24:4C:8D:5D:7F:2F:39:44:14:17: > 4A:37:B6:A1:E4:A4:19:76:DF:BF:43:9B:8B:2D:57:97: > 39:80:72:AA:49:6E:AF:17:EC:28:B4:9E:E1:FE:CB:D7: > 08:2B:B7:1A:65:5E:22:66:DB:74:FE:98:C7:7C:83:B6: > 4F:3F:94:23:F0:83:A7:27:E5:65:FB:B8:15:A5:86:3E: > 33:8A:A4:29:34:7D:B8:96:3C:8F:3F:45:E7:63:8A:14: > F0:6A:81:46:91:37:1A:3B:58:4C:21:7D:C5:B3:FE:83: > C0:19:71:15:EF:2E:C6:15:AF:B6:7E:2E:05:F1:68:9A: > 17:86:2E:AC:EC:92:E9:B7:FE:BA:D8:D5:E8:05:E1:12: > 79:0A:C0:1C:FD:DF:DE:5B:B9:66:EC:BC:C8:7C:94:B5: > 60:E1:3A:5E:59:8D:DA:21:15:8E:76:8B:B2:1F:C7:BC: > DE:23:97:F6:08:82:26:49:31:44:96:30:82:AA:E7:97: > 32:AA:1E:6F:F6:83:A7:BF:DE:12:9A:4D:CE:AF:28:1F: > 14:ED:50:78:DE:BF:2C:65:42:CD:A9:65:65:FD:E9:0F > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > D8:DE:6E:19:7B:8C:01:C6:E7:9B:85:1A:67:0F:AF:CB: > 6E:7B:5F:23 > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key CertSign > Crl Sign > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://fi.lan:80/ca/ocsp > Identifier: Extended Key Usage: - 2.5.29.37 > Critical: no > Extended Key Usage: > OCSPSigning > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 0B:0D:CD:A1:11:51:27:3E:30:93:CE:50:AF:31:E1:7B: > D6:7C:3A:F3:9C:89:3D:24:F4:F5:4E:CD:DB:C3:4A:85: > 3F:4B:AC:54:91:FB:0B:EF:05:0F:26:0E:7E:D5:DD:A8: > F0:5E:A5:EC:78:6F:3A:D8:00:1A:0C:FC:54:85:E9:D3: > D1:CE:0C:1A:3C:1A:B4:D0:74:72:7A:F1:9A:1F:EA:38: > C3:BA:09:A6:FD:7F:F5:63:5E:79:B6:36:6D:23:D3:0E: > 1A:29:42:A4:9D:2A:EA:19:C6:09:D7:95:7B:A4:BE:23: > 17:00:CB:C1:B5:DE:32:90:23:3B:D6:D8:68:25:9D:00: > 9E:3F:DE:2C:2B:6C:22:F5:4B:31:D7:7C:6F:2A:98:C2: > 30:7B:93:D8:D7:FA:A9:01:F9:74:E8:D1:03:3A:F2:A0: > E3:5F:46:4F:E7:A5:2D:AC:72:F7:C6:40:4C:ED:0E:9A: > 26:85:FB:E1:6B:27:19:2A:53:52:20:C0:29:19:DD:AA: > 40:A9:F5:F0:D4:6F:42:9F:09:95:D5:50:01:2E:F0:67: > E3:01:36:F5:A9:96:49:FC:66:BF:A1:F6:69:7F:9A:08: > 64:E6:1E:0C:55:51:85:CF:20:97:E8:67:DC:9B:ED:A4: > 10:B7:BF:48:BE:2A:C7:A3:47:E6:47:68:8F:81:52:90 > FingerPrint > MD2: > 89:79:5D:54:1C:AA:43:8D:0A:16:D9:88:10:BB:9C:07 > MD5: > A0:C8:D4:65:A6:D1:4B:75:63:11:39:00:16:8A:F4:8A > SHA1: > 88:C5:14:07:1A:87:4D:25:09:A3:CA:30:A4:29:B0:52: > 8B:2C:27:A1 > SHA256: > 42:4F:50:5E:BE:43:4E:35:C8:4A:0A:5F:E5:62:D6:E2: > FF:C5:FD:AD:88:3A:61:41:B0:B9:2E:D3:BC:41:57:E5 > SHA512: > D4:3D:AB:53:C2:17:79:DD:8D:B5:79:1A:32:70:BD:A1: > C6:A2:0A:7A:40:75:AA:58:79:AF:02:57:B4:B6:51:CC: > B7:1F:26:6F:8A:89:85:B7:FD:0A:37:B4:EA:67:2E:87: > 3A:20:DA:EC:27:89:BB:7E:3F:C8:D4:44:A3:3E:52:89 ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>Server-Cert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICZzCCAU8CAQAwIjEPMA0GA1UEChMGRkkuTEFOMQ8wDQYDVQQDEwZmaS5sYW4wggEiMA0GCSqG >SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3jrv+Vq8Dgy6bbwuYOJkdq3R671Pdav5/OfLDn3uGZQIy >MJ6cMlj7W07KO1xHTtl1QlbgxA3skxaLCqPNxF0LVNlXT/FjqZ3aLXXkyHjm7ptB7CbqNm09+MyH >zK/OIrDBw8/zCTVYvd7kf7zS3pa57wfL/+7Zda/HTCR65gRoSdc3IbKF9PadPMboL32pj8Ffuto1 >RHYz8dPUekvdzGXyX0VGZz+0VyHaxvquUKe90UpN/XvaUBO8UC1mrFGzAp7qKjwpTAijYxv9fkpc >cvx1NvrB7+zhvHHMb6TZQ9rd74QSTx8YGLm5AN0qiJK77iNiGrFfEEUsOMt54lNgZVwbAgMBAAGg >ADANBgkqhkiG9w0BAQsFAAOCAQEATsL3V5QYFYRZRPxPzEM1YsTaCsV4ZqXdsC9u5Bie3wP6UVrP >RjeCgz+1OdWiSsVKXJbrMS3RgWEq2bTgT0Cy63LH64rbjabSJhujRwFMVna6kPJHij8V1NjUhRDw >wjLRARzjTqRZCsKFQ3ZgG7EKye/WSP/QwdDTmAD3K2gGaP8kK8bVfjJBulR4hjWxBLbEtpxGj9DQ >lBr8JU1h7CHqmnkVRYznXK3f7jKG4cztkjqf++UIKA4Dz4i0U7gpTIeSuY1t58j9aavTYKL6k5Ax >oZwRuVCZ2n39KNnWL/XFAZR9bY9RCJw2SQi1CmsSaiCmta7/Ibv5RUCpXsqbrzNl0A== >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDTDCCAjSgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa >MCIxDzANBgNVBAoTBkZJLkxBTjEPMA0GA1UEAxMGZmkubGFuMIIBIjANBgkqhkiG9w0BAQEFAAOC >AQ8AMIIBCgKCAQEAt467/lavA4Mum28LmDiZHat0eu9T3Wr+fznyw597hmUCMjCenDJY+1tOyjtc >R07ZdUJW4MQN7JMWiwqjzcRdC1TZV0/xY6md2i115Mh45u6bQewm6jZtPfjMh8yvziKwwcPP8wk1 >WL3e5H+80t6Wue8Hy//u2XWvx0wkeuYEaEnXNyGyhfT2nTzG6C99qY/BX7raNUR2M/HT1HpL3cxl >8l9FRmc/tFch2sb6rlCnvdFKTf172lATvFAtZqxRswKe6io8KUwIo2Mb/X5KXHL8dTb6we/s4bxx >zG+k2UPa3e+EEk8fGBi5uQDdKoiSu+4jYhqxXxBFLDjLeeJTYGVcGwIDAQABo34wfDAfBgNVHSME >GDAWgBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0 >dHA6Ly9maS5sYW46ODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUH >AwEwDQYJKoZIhvcNAQELBQADggEBAI6sKWWQdoOaLndU28SzrYywQCphPw+Nl11o35ieogj05m3+ >JVEDx8Ti9Jvu/AjObvwTAEmoGgX0MCWvJRhH6aiM1YQGw2IR0mswr4PArZhHYvat9DeswluXqqzR >LZiYJurRyjEiklxwbdxXx7gYXfojL2qUQkLHv32CPmUmKQyAB3bka92sw8YG6PoJ5YdrRkqjRSmP >39z7o4/Jgf6SnXSHfcyWnruEIFn3K8PLR6gwFuKSpXqpkdDWJiavHEmnRqTqHxKVFsF+swNKwASA >Th76jdXKR8EVX9pHyEev86gq+vS5yvTKFrXfGPpn+3a2qLa+aTHALcmWoQoqqXrRB/E= >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=fi.lan,O=FI.LAN</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x3 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=FI.LAN > Validity: > Not Before: Thursday, September 20, 2012 3:34:36 PM EEST Europe/Helsinki > Not After: Wednesday, September 10, 2014 3:34:36 PM EEST Europe/Helsinki > Subject: CN=fi.lan,O=FI.LAN > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > B7:8E:BB:FE:56:AF:03:83:2E:9B:6F:0B:98:38:99:1D: > AB:74:7A:EF:53:DD:6A:FE:7F:39:F2:C3:9F:7B:86:65: > 02:32:30:9E:9C:32:58:FB:5B:4E:CA:3B:5C:47:4E:D9: > 75:42:56:E0:C4:0D:EC:93:16:8B:0A:A3:CD:C4:5D:0B: > 54:D9:57:4F:F1:63:A9:9D:DA:2D:75:E4:C8:78:E6:EE: > 9B:41:EC:26:EA:36:6D:3D:F8:CC:87:CC:AF:CE:22:B0: > C1:C3:CF:F3:09:35:58:BD:DE:E4:7F:BC:D2:DE:96:B9: > EF:07:CB:FF:EE:D9:75:AF:C7:4C:24:7A:E6:04:68:49: > D7:37:21:B2:85:F4:F6:9D:3C:C6:E8:2F:7D:A9:8F:C1: > 5F:BA:DA:35:44:76:33:F1:D3:D4:7A:4B:DD:CC:65:F2: > 5F:45:46:67:3F:B4:57:21:DA:C6:FA:AE:50:A7:BD:D1: > 4A:4D:FD:7B:DA:50:13:BC:50:2D:66:AC:51:B3:02:9E: > EA:2A:3C:29:4C:08:A3:63:1B:FD:7E:4A:5C:72:FC:75: > 36:FA:C1:EF:EC:E1:BC:71:CC:6F:A4:D9:43:DA:DD:EF: > 84:12:4F:1F:18:18:B9:B9:00:DD:2A:88:92:BB:EE:23: > 62:1A:B1:5F:10:45:2C:38:CB:79:E2:53:60:65:5C:1B > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > D8:DE:6E:19:7B:8C:01:C6:E7:9B:85:1A:67:0F:AF:CB: > 6E:7B:5F:23 > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://fi.lan:80/ca/ocsp > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key Encipherment > Data Encipherment > Identifier: Extended Key Usage: - 2.5.29.37 > Critical: no > Extended Key Usage: > 1.3.6.1.5.5.7.3.1 > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 8E:AC:29:65:90:76:83:9A:2E:77:54:DB:C4:B3:AD:8C: > B0:40:2A:61:3F:0F:8D:97:5D:68:DF:98:9E:A2:08:F4: > E6:6D:FE:25:51:03:C7:C4:E2:F4:9B:EE:FC:08:CE:6E: > FC:13:00:49:A8:1A:05:F4:30:25:AF:25:18:47:E9:A8: > 8C:D5:84:06:C3:62:11:D2:6B:30:AF:83:C0:AD:98:47: > 62:F6:AD:F4:37:AC:C2:5B:97:AA:AC:D1:2D:98:98:26: > EA:D1:CA:31:22:92:5C:70:6D:DC:57:C7:B8:18:5D:FA: > 23:2F:6A:94:42:42:C7:BF:7D:82:3E:65:26:29:0C:80: > 07:76:E4:6B:DD:AC:C3:C6:06:E8:FA:09:E5:87:6B:46: > 4A:A3:45:29:8F:DF:DC:FB:A3:8F:C9:81:FE:92:9D:74: > 87:7D:CC:96:9E:BB:84:20:59:F7:2B:C3:CB:47:A8:30: > 16:E2:92:A5:7A:A9:91:D0:D6:26:26:AF:1C:49:A7:46: > A4:EA:1F:12:95:16:C1:7E:B3:03:4A:C0:04:80:4E:1E: > FA:8D:D5:CA:47:C1:15:5F:DA:47:C8:47:AF:F3:A8:2A: > FA:F4:B9:CA:F4:CA:16:B5:DF:18:FA:67:FB:76:B6:A8: > B6:BE:69:31:C0:2D:C9:96:A1:0A:2A:A9:7A:D1:07:F1 > FingerPrint > MD2: > D5:99:7C:00:B3:7C:7E:CB:B4:88:77:55:0F:A9:9D:D8 > MD5: > 62:BB:94:7B:13:F0:F4:C0:5D:4D:E0:1D:30:01:CE:6B > SHA1: > 16:D0:B0:56:00:5E:8C:B2:0D:00:22:53:A8:BB:9A:FE: > 5C:C3:E9:EC > SHA256: > ED:AC:A9:86:CA:84:02:07:6A:91:F6:0C:84:BA:C5:72: > 96:D4:6E:C4:7D:1D:67:F6:B5:C5:25:04:7D:B1:CA:4B > SHA512: > 35:AE:62:88:43:ED:9D:BA:60:72:F5:F6:FF:68:6C:D4: > B9:78:44:61:9D:AF:04:E4:31:DA:2E:93:87:BD:28:45: > 51:FE:DF:65:CF:AB:55:26:DC:64:4A:1A:15:BE:96:5A: > 4A:CA:87:E8:B9:C4:C3:A3:E4:70:88:4A:83:A6:09:D7 ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>subsystemCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICbTCCAVUCAQAwKDEPMA0GA1UEChMGRkkuTEFOMRUwEwYDVQQDEwxDQSBTdWJzeXN0ZW0wggEi >MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/zt9Macf+XgFY7F1RvEbltRsFWk32IE9N/vt0 >ZRBJVm+peVI3Q/62OKmgi40oP37VJ3NEQ+lNgrBA0Z6rR1K+FCjnLu8DsGrRdncmncxAwLWVbHp5 >ldYTW/dgJQE1rsYK9iyj9hkaA9K+6AN3ubwSB/H4KWCkhjx9PMlkxMqjJr8yHDk3hNNYlDNq3nrS >RX/98iceqKIribw0KlOPzD8cETtLbA9wszzhln86gAsFHNoYazXStYkYgHJ528/jT+j/OwdwQHO1 >uGhFKnnn+jPd/xljPtoE7obgA1qSIZE5u0ya6h64ZRSAootLsGSp+sUnyekyGlDusN41JyDUtDyv >AgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAvWi6ChXL4E35aNEkp8OLvACngBrq2NwlJMtRY5AW >g5zK7EkAzQuZNsYo3MlbU1BgL4fiCrMtMROKTBGN1Hql/DEuQd+PbSk0YRb7XM1pNSKMRrJXhkft >NtIdkDgvsc37D1AdsHFROruSJZVFJt3yp1MOYmhwQCZm44z0q+CXR+u55m6JyDQD8/2b6J0d/P+2 >osHdsqZ98HapRsF1cQDM+y9iWS+7ft0Q4Ad7YPUbvjpz6d8nLauFW6SxgxZnUIwt1gLxBWs6qGVT >CnAwzkXvVTjZ4L1xMTjddTSDod5cZ4MTCcSCXXKP0xRm5K5IUcmoymPvEzKXwG0EePUWpAQp9A== >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDXjCCAkagAwIBAgIBBDANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzhaFw0xNDA5MTAxMjM0Mzha >MCgxDzANBgNVBAoTBkZJLkxBTjEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIBIjANBgkqhkiG9w0B >AQEFAAOCAQ8AMIIBCgKCAQEAv87fTGnH/l4BWOxdUbxG5bUbBVpN9iBPTf77dGUQSVZvqXlSN0P+ >tjipoIuNKD9+1SdzREPpTYKwQNGeq0dSvhQo5y7vA7Bq0XZ3Jp3MQMC1lWx6eZXWE1v3YCUBNa7G >CvYso/YZGgPSvugDd7m8Egfx+ClgpIY8fTzJZMTKoya/Mhw5N4TTWJQzat560kV//fInHqiiK4m8 >NCpTj8w/HBE7S2wPcLM84ZZ/OoALBRzaGGs10rWJGIByedvP40/o/zsHcEBztbhoRSp55/oz3f8Z >Yz7aBO6G4ANakiGRObtMmuoeuGUUgKKLS7BkqfrFJ8npMhpQ7rDeNScg1LQ8rwIDAQABo4GJMIGG >MB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEF >BQcwAYYYaHR0cDovL2ZpLmxhbjo4MC9jYS9vY3NwMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAU >BggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAKHxl+EckQG8ALBrwtNg+n4d >zaCE6iAIrD8dEgA9a9OQ0rCHM+a3gYvUbwHMJ1lUhn11h9OXIpqPSFBLD/wp6Bh0r/5yBOcDlWYZ >d3YrdH/OgQg3DoxQJp9P8n8HvAlMMQKjZLn9kWxl6kP0vQg5SxCrWRwJ2X1dQ4Il2dl9qXEIxfug >jemrZfPxm6LTGI31994Mef8MygSEFC3ORPo50P6eQhcLaCq3UEpyV0S6FHBt26qeOH67RQYdj2YU >O/9dW1cpdHlYMnJ8c/unXs7JoG8GAt1ll+w1Gd/AkSRQWSyDkt6dlRFl5kBzuNEDKzI50/hYI0jc >6+P2nL+IZuSFo6o= >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=CA Subsystem,O=FI.LAN</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x4 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=FI.LAN > Validity: > Not Before: Thursday, September 20, 2012 3:34:38 PM EEST Europe/Helsinki > Not After: Wednesday, September 10, 2014 3:34:38 PM EEST Europe/Helsinki > Subject: CN=CA Subsystem,O=FI.LAN > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > BF:CE:DF:4C:69:C7:FE:5E:01:58:EC:5D:51:BC:46:E5: > B5:1B:05:5A:4D:F6:20:4F:4D:FE:FB:74:65:10:49:56: > 6F:A9:79:52:37:43:FE:B6:38:A9:A0:8B:8D:28:3F:7E: > D5:27:73:44:43:E9:4D:82:B0:40:D1:9E:AB:47:52:BE: > 14:28:E7:2E:EF:03:B0:6A:D1:76:77:26:9D:CC:40:C0: > B5:95:6C:7A:79:95:D6:13:5B:F7:60:25:01:35:AE:C6: > 0A:F6:2C:A3:F6:19:1A:03:D2:BE:E8:03:77:B9:BC:12: > 07:F1:F8:29:60:A4:86:3C:7D:3C:C9:64:C4:CA:A3:26: > BF:32:1C:39:37:84:D3:58:94:33:6A:DE:7A:D2:45:7F: > FD:F2:27:1E:A8:A2:2B:89:BC:34:2A:53:8F:CC:3F:1C: > 11:3B:4B:6C:0F:70:B3:3C:E1:96:7F:3A:80:0B:05:1C: > DA:18:6B:35:D2:B5:89:18:80:72:79:DB:CF:E3:4F:E8: > FF:3B:07:70:40:73:B5:B8:68:45:2A:79:E7:FA:33:DD: > FF:19:63:3E:DA:04:EE:86:E0:03:5A:92:21:91:39:BB: > 4C:9A:EA:1E:B8:65:14:80:A2:8B:4B:B0:64:A9:FA:C5: > 27:C9:E9:32:1A:50:EE:B0:DE:35:27:20:D4:B4:3C:AF > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > D8:DE:6E:19:7B:8C:01:C6:E7:9B:85:1A:67:0F:AF:CB: > 6E:7B:5F:23 > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://fi.lan:80/ca/ocsp > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key Encipherment > Data Encipherment > Identifier: Extended Key Usage: - 2.5.29.37 > Critical: no > Extended Key Usage: > 1.3.6.1.5.5.7.3.1 > 1.3.6.1.5.5.7.3.2 > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > A1:F1:97:E1:1C:91:01:BC:00:B0:6B:C2:D3:60:FA:7E: > 1D:CD:A0:84:EA:20:08:AC:3F:1D:12:00:3D:6B:D3:90: > D2:B0:87:33:E6:B7:81:8B:D4:6F:01:CC:27:59:54:86: > 7D:75:87:D3:97:22:9A:8F:48:50:4B:0F:FC:29:E8:18: > 74:AF:FE:72:04:E7:03:95:66:19:77:76:2B:74:7F:CE: > 81:08:37:0E:8C:50:26:9F:4F:F2:7F:07:BC:09:4C:31: > 02:A3:64:B9:FD:91:6C:65:EA:43:F4:BD:08:39:4B:10: > AB:59:1C:09:D9:7D:5D:43:82:25:D9:D9:7D:A9:71:08: > C5:FB:A0:8D:E9:AB:65:F3:F1:9B:A2:D3:18:8D:F5:F7: > DE:0C:79:FF:0C:CA:04:84:14:2D:CE:44:FA:39:D0:FE: > 9E:42:17:0B:68:2A:B7:50:4A:72:57:44:BA:14:70:6D: > DB:AA:9E:38:7E:BB:45:06:1D:8F:66:14:3B:FF:5D:5B: > 57:29:74:79:58:32:72:7C:73:FB:A7:5E:CE:C9:A0:6F: > 06:02:DD:65:97:EC:35:19:DF:C0:91:24:50:59:2C:83: > 92:DE:9D:95:11:65:E6:40:73:B8:D1:03:2B:32:39:D3: > F8:58:23:48:DC:EB:E3:F6:9C:BF:88:66:E4:85:A3:AA > FingerPrint > MD2: > B4:A5:16:1C:16:D1:05:DF:3C:82:ED:71:38:BA:11:C5 > MD5: > C0:54:FE:AA:6A:91:51:0E:92:00:0D:36:B3:5B:05:BF > SHA1: > 12:FE:1D:38:E9:58:90:C8:48:05:BD:95:53:57:B3:FD: > DB:7B:9C:61 > SHA256: > 8F:91:0B:EB:A2:2D:44:6E:FC:B0:08:8B:38:BB:E1:5A: > 82:3B:82:D4:D1:01:D6:F4:82:F2:77:90:25:35:66:FE > SHA512: > C3:A5:C5:F4:32:CC:A7:56:35:9F:53:0C:E6:D9:8C:93: > DF:75:BE:BF:77:C9:AD:8E:25:61:2D:EA:F4:A7:A3:25: > 3F:C5:DF:A5:C5:C5:6B:0F:DF:26:8C:8C:43:35:0B:ED: > AE:0F:9C:33:5E:FA:E0:C5:80:75:AD:93:45:DB:3F:A3 ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>auditSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICaTCCAVECAQAwJDEPMA0GA1UEChMGRkkuTEFOMREwDwYDVQQDEwhDQSBBdWRpdDCCASIwDQYJ >KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKllTovE/nXHz81Ai0XLBlhLKlbmRccJuLiYPP0Wz66q >W981CWZHeuUNnE+8xp4UWtRmDgJHQuLj2rERXDLUwKpog/69vIT3DYaSpw1+/ZeUQvGhoLpXvS/e >/Dz1fO/15S4Uw7+IWvFezw37gaDxJDTq8R9EosqtAI4MhtrjldLXoGi/7b8rLAUabAFAZ08nOqTe >uHcwSKoTMA+eA3rjIH5s5vlEv3YQKZqrVCtWy0zv6Dk26cR1p2DUdjd6eoUv3aR5AvgUboIuzYOJ >0jToclL6hVPlWkAXJk1xR4d4kbxxXXITRq4f4oRnaznakvZxorFENzTOrCz/RdTcuV/sNFsCAwEA >AaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAIxuwNgE2+SCo/ZT8CY3/5/YOn/ZcZxhnMQT54Vi7Tag87 >kEh1yuFHuQqe3U7wSSwXyxGmxqR8HZr2cpBd7d0+zv0MuqUs7K5K7TiwEXIXshQ9WRXmOL4q/6/0 >JfikzsqPTMjSZ+dZjv6jE08Fhil7czqT///z/n4GGen5QRneDMfbYr8cZauTwcMa2agPkWsS/nQ/ >stBoldmzFbDWHTqlwrDV/SVgCRlxM+ZhOMiHNr9m0uvVxHF1ikmaQ9iVVik1nQeRMYPZAJTt9nHC >+W5h7KKbFP10wFcowtrJzBof6SYUzsMIOorQ+0ns5XQ8WcU/sGIBuUhZiU9MI/UEySIE >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDOTCCAiGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzlaFw0xNDA5MTAxMjM0Mzla >MCQxDzANBgNVBAoTBkZJLkxBTjERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0GCSqGSIb3DQEBAQUA >A4IBDwAwggEKAoIBAQCpZU6LxP51x8/NQItFywZYSypW5kXHCbi4mDz9Fs+uqlvfNQlmR3rlDZxP >vMaeFFrUZg4CR0Li49qxEVwy1MCqaIP+vbyE9w2GkqcNfv2XlELxoaC6V70v3vw89Xzv9eUuFMO/ >iFrxXs8N+4Gg8SQ06vEfRKLKrQCODIba45XS16Bov+2/KywFGmwBQGdPJzqk3rh3MEiqEzAPngN6 >4yB+bOb5RL92ECmaq1QrVstM7+g5NunEdadg1HY3enqFL92keQL4FG6CLs2DidI06HJS+oVT5VpA >FyZNcUeHeJG8cV1yE0auH+KEZ2s52pL2caKxRDc0zqws/0XU3Llf7DRbAgMBAAGjaTBnMB8GA1Ud >IwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB/wQEAwIGwDA0BggrBgEFBQcBAQQo >MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0BAQsFAAOC >AQEAS+oBRh7HIuQN005omCEZGMz9CHR0IpC9w46imRAEr9foB/PIbDDs18UABqY+8m8nznxSqMjZ >QGFvKP5rqcIi3zuD4SGNcfjX/Qcbwofnyt/FhEA3WS8AoKbCQkbNPqLpnG8m+pgoWW0lVuxKNq22 >wDvw3ylJw0y//tAW2ffXIrwH2NlyJpZMfBjfX9LuVXJoeCErB38gcw68f8cQU+5TTeAAXCqjJ+H6 >rhhxXMsN7Cc7FafDgnTn2pfC0hIXSe+EMg4NweixpQjYkHlMDQs7jhvuUKhfFX6pBvCyBswB8dMB >uAmj/jgCgSGQSyYdJ0aQhJ3N2h5HzwHcdx37uSgJXg== >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=CA Audit,O=FI.LAN</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x5 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=FI.LAN > Validity: > Not Before: Thursday, September 20, 2012 3:34:39 PM EEST Europe/Helsinki > Not After: Wednesday, September 10, 2014 3:34:39 PM EEST Europe/Helsinki > Subject: CN=CA Audit,O=FI.LAN > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > A9:65:4E:8B:C4:FE:75:C7:CF:CD:40:8B:45:CB:06:58: > 4B:2A:56:E6:45:C7:09:B8:B8:98:3C:FD:16:CF:AE:AA: > 5B:DF:35:09:66:47:7A:E5:0D:9C:4F:BC:C6:9E:14:5A: > D4:66:0E:02:47:42:E2:E3:DA:B1:11:5C:32:D4:C0:AA: > 68:83:FE:BD:BC:84:F7:0D:86:92:A7:0D:7E:FD:97:94: > 42:F1:A1:A0:BA:57:BD:2F:DE:FC:3C:F5:7C:EF:F5:E5: > 2E:14:C3:BF:88:5A:F1:5E:CF:0D:FB:81:A0:F1:24:34: > EA:F1:1F:44:A2:CA:AD:00:8E:0C:86:DA:E3:95:D2:D7: > A0:68:BF:ED:BF:2B:2C:05:1A:6C:01:40:67:4F:27:3A: > A4:DE:B8:77:30:48:AA:13:30:0F:9E:03:7A:E3:20:7E: > 6C:E6:F9:44:BF:76:10:29:9A:AB:54:2B:56:CB:4C:EF: > E8:39:36:E9:C4:75:A7:60:D4:76:37:7A:7A:85:2F:DD: > A4:79:02:F8:14:6E:82:2E:CD:83:89:D2:34:E8:72:52: > FA:85:53:E5:5A:40:17:26:4D:71:47:87:78:91:BC:71: > 5D:72:13:46:AE:1F:E2:84:67:6B:39:DA:92:F6:71:A2: > B1:44:37:34:CE:AC:2C:FF:45:D4:DC:B9:5F:EC:34:5B > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > D8:DE:6E:19:7B:8C:01:C6:E7:9B:85:1A:67:0F:AF:CB: > 6E:7B:5F:23 > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://fi.lan:80/ca/ocsp > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 4B:EA:01:46:1E:C7:22:E4:0D:D3:4E:68:98:21:19:18: > CC:FD:08:74:74:22:90:BD:C3:8E:A2:99:10:04:AF:D7: > E8:07:F3:C8:6C:30:EC:D7:C5:00:06:A6:3E:F2:6F:27: > CE:7C:52:A8:C8:D9:40:61:6F:28:FE:6B:A9:C2:22:DF: > 3B:83:E1:21:8D:71:F8:D7:FD:07:1B:C2:87:E7:CA:DF: > C5:84:40:37:59:2F:00:A0:A6:C2:42:46:CD:3E:A2:E9: > 9C:6F:26:FA:98:28:59:6D:25:56:EC:4A:36:AD:B6:C0: > 3B:F0:DF:29:49:C3:4C:BF:FE:D0:16:D9:F7:D7:22:BC: > 07:D8:D9:72:26:96:4C:7C:18:DF:5F:D2:EE:55:72:68: > 78:21:2B:07:7F:20:73:0E:BC:7F:C7:10:53:EE:53:4D: > E0:00:5C:2A:A3:27:E1:FA:AE:18:71:5C:CB:0D:EC:27: > 3B:15:A7:C3:82:74:E7:DA:97:C2:D2:12:17:49:EF:84: > 32:0E:0D:C1:E8:B1:A5:08:D8:90:79:4C:0D:0B:3B:8E: > 1B:EE:50:A8:5F:15:7E:A9:06:F0:B2:06:CC:01:F1:D3: > 01:B8:09:A3:FE:38:02:81:21:90:4B:26:1D:27:46:90: > 84:9D:CD:DA:1E:47:CF:01:DC:77:1D:FB:B9:28:09:5E > FingerPrint > MD2: > C2:C7:31:A2:17:EF:16:9B:58:3F:DC:97:20:E7:E0:E4 > MD5: > 30:5F:51:E3:99:E9:3F:32:D8:C6:39:99:79:41:88:D6 > SHA1: > 5A:5F:1E:A0:BB:42:9D:DB:F8:67:B4:2B:DC:36:1C:86: > 6E:DF:F3:20 > SHA256: > 5F:68:DE:49:84:33:6D:44:34:94:16:51:43:48:61:10: > A7:C6:35:65:18:C8:45:F4:65:F7:78:F0:AD:CC:7F:8E > SHA512: > ED:49:E7:41:B8:A1:3B:B8:03:44:DB:66:52:C9:BE:74: > 6C:CD:2E:D0:41:58:25:82:2F:39:8B:44:F9:DE:66:D8: > 1E:B6:03:A0:35:91:7F:6A:82:85:B7:9D:5A:8D:EB:C5: > 51:50:4B:03:52:8E:4E:4D:36:A4:B1:A3:A4:1F:B2:A5 ></CertPP> > <KeyOption/> > </CertReqPair> > </Vector> > </reqscerts> > <status>display</status> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <title>Requests and Certificates</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>12</p> > <name>CA Setup Wizard</name> > <req/> > <panelname>certrequest</panelname> ></response> >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICdjCCAV4CAQAwMTEPMA0GA1UEChMGRkkuTEFOMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRo >b3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDguV9Kjmc1jwT66xwo1qOEpcSf >kJ8xtyo5nDgszkg25IMtHx3s+WdLqlILgEwEDqremqo/xMc/COpiZ3S/TY7kGh+xHov9bJry6WgI >urxCnnayrtP/GtWggZBl0zlXDzomOrC0GdmtzTVx1iT3GvKCj8JAL/NIn2dzPzCcufuII4BcD6uR >nyzof3xN5H++hN2PFPu88Sicz3xv9qi1kDthqLnpvYKaDUGyjRWIzmEtQEcwEwJGX+vNuutny0Ia >qTlPWZuOxjSrTE1bi4j1wLX3kn4oftNm/eBdAW0HgZZrL9ow7Yc/bbmkoPOf06/Qqu0q0CplOEgR >l/1h9yrmxJSHAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAsOYTHm1dPZ1C1fIUnpVaB26fXkGU >VPqJjLzaFMa4bWpkZrY2WC27guTA0BUYOrYbVOHROojqa+gz0kyc1rMkJaYdX4JA3NMOD2n8f7re >8BBtMEXBmSlXeNoCL6RmUGWBAtA9CWbpMycANwGeFYPc2gICeXKGhOFD2HuTd7TFqpRrUKJgQCA3 >r0ginXszoFFHqjWZAVFgSpq723dcn4OpsTNVAMj8gviA9/hX/gCPs5PArYU0t7kKjp9WmCi+N6YR >qx9BnRgYNPXnbtnr5jIh8Eh8rzRJuC2Xfsf/xzSZnB/Jz34CrOXgdMIbFWtQNEeokicYvF12FQsG >DTLvG6Rnvg== >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICbzCCAVcCAQAwKjEPMA0GA1UEChMGRkkuTEFOMRcwFQYDVQQDEw5PQ1NQIFN1YnN5c3RlbTCC >ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3LtZX/dmV4B59pSyqcao4VslrlJG1JmmPA >/loar2t9U8+oNCNlJEyNXX8vOUQUF0o3tqHkpBl2379Dm4stV5c5gHKqSW6vF+wotJ7h/svXCCu3 >GmVeImbbdP6Yx3yDtk8/lCPwg6cn5WX7uBWlhj4ziqQpNH24ljyPP0XnY4oU8GqBRpE3GjtYTCF9 >xbP+g8AZcRXvLsYVr7Z+LgXxaJoXhi6s7JLpt/662NXoBeESeQrAHP3f3lu5Zuy8yHyUtWDhOl5Z >jdohFY52i7Ifx7zeI5f2CIImSTFEljCCqueXMqoeb/aDp7/eEppNzq8oHxTtUHjevyxlQs2pZWX9 >6Q8CAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAdfNRe1eFMH3twH0YCdiu/Ke6rGX9/BIuJYvbf >jDjwbuZNf2mm/fswMjmqbzuTbd+FPiT3FwyeX9S/MNsZbFCpBOMTIukWX0Jvs0U+j9cZS7SviEsQ >V+dX3pYENwLqrzoFgRXEffUhKGqyOhz29GH94S4g4zEbQwWgGMa8K+IK4gvRbKEtOl6zQCqq+eqr >pTUpXe0jnMz9tEdgri9EaHfYsA+zd9rZzZDHU9eHtRFybkCW0DEVjZq09g2WTE/myjhGqZJIkxjr >L6s/YS5zFNRzTPnIJ08/avJ4k0dyPM2qY9x3ufbB9m9iVPX7c4FVUdCkt3oLh56Lgvsj71k8gsXB >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICZzCCAU8CAQAwIjEPMA0GA1UEChMGRkkuTEFOMQ8wDQYDVQQDEwZmaS5sYW4wggEiMA0GCSqG >SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3jrv+Vq8Dgy6bbwuYOJkdq3R671Pdav5/OfLDn3uGZQIy >MJ6cMlj7W07KO1xHTtl1QlbgxA3skxaLCqPNxF0LVNlXT/FjqZ3aLXXkyHjm7ptB7CbqNm09+MyH >zK/OIrDBw8/zCTVYvd7kf7zS3pa57wfL/+7Zda/HTCR65gRoSdc3IbKF9PadPMboL32pj8Ffuto1 >RHYz8dPUekvdzGXyX0VGZz+0VyHaxvquUKe90UpN/XvaUBO8UC1mrFGzAp7qKjwpTAijYxv9fkpc >cvx1NvrB7+zhvHHMb6TZQ9rd74QSTx8YGLm5AN0qiJK77iNiGrFfEEUsOMt54lNgZVwbAgMBAAGg >ADANBgkqhkiG9w0BAQsFAAOCAQEATsL3V5QYFYRZRPxPzEM1YsTaCsV4ZqXdsC9u5Bie3wP6UVrP >RjeCgz+1OdWiSsVKXJbrMS3RgWEq2bTgT0Cy63LH64rbjabSJhujRwFMVna6kPJHij8V1NjUhRDw >wjLRARzjTqRZCsKFQ3ZgG7EKye/WSP/QwdDTmAD3K2gGaP8kK8bVfjJBulR4hjWxBLbEtpxGj9DQ >lBr8JU1h7CHqmnkVRYznXK3f7jKG4cztkjqf++UIKA4Dz4i0U7gpTIeSuY1t58j9aavTYKL6k5Ax >oZwRuVCZ2n39KNnWL/XFAZR9bY9RCJw2SQi1CmsSaiCmta7/Ibv5RUCpXsqbrzNl0A== >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICbTCCAVUCAQAwKDEPMA0GA1UEChMGRkkuTEFOMRUwEwYDVQQDEwxDQSBTdWJzeXN0ZW0wggEi >MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/zt9Macf+XgFY7F1RvEbltRsFWk32IE9N/vt0 >ZRBJVm+peVI3Q/62OKmgi40oP37VJ3NEQ+lNgrBA0Z6rR1K+FCjnLu8DsGrRdncmncxAwLWVbHp5 >ldYTW/dgJQE1rsYK9iyj9hkaA9K+6AN3ubwSB/H4KWCkhjx9PMlkxMqjJr8yHDk3hNNYlDNq3nrS >RX/98iceqKIribw0KlOPzD8cETtLbA9wszzhln86gAsFHNoYazXStYkYgHJ528/jT+j/OwdwQHO1 >uGhFKnnn+jPd/xljPtoE7obgA1qSIZE5u0ya6h64ZRSAootLsGSp+sUnyekyGlDusN41JyDUtDyv >AgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAvWi6ChXL4E35aNEkp8OLvACngBrq2NwlJMtRY5AW >g5zK7EkAzQuZNsYo3MlbU1BgL4fiCrMtMROKTBGN1Hql/DEuQd+PbSk0YRb7XM1pNSKMRrJXhkft >NtIdkDgvsc37D1AdsHFROruSJZVFJt3yp1MOYmhwQCZm44z0q+CXR+u55m6JyDQD8/2b6J0d/P+2 >osHdsqZ98HapRsF1cQDM+y9iWS+7ft0Q4Ad7YPUbvjpz6d8nLauFW6SxgxZnUIwt1gLxBWs6qGVT >CnAwzkXvVTjZ4L1xMTjddTSDod5cZ4MTCcSCXXKP0xRm5K5IUcmoymPvEzKXwG0EePUWpAQp9A== >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICaTCCAVECAQAwJDEPMA0GA1UEChMGRkkuTEFOMREwDwYDVQQDEwhDQSBBdWRpdDCCASIwDQYJ >KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKllTovE/nXHz81Ai0XLBlhLKlbmRccJuLiYPP0Wz66q >W981CWZHeuUNnE+8xp4UWtRmDgJHQuLj2rERXDLUwKpog/69vIT3DYaSpw1+/ZeUQvGhoLpXvS/e >/Dz1fO/15S4Uw7+IWvFezw37gaDxJDTq8R9EosqtAI4MhtrjldLXoGi/7b8rLAUabAFAZ08nOqTe >uHcwSKoTMA+eA3rjIH5s5vlEv3YQKZqrVCtWy0zv6Dk26cR1p2DUdjd6eoUv3aR5AvgUboIuzYOJ >0jToclL6hVPlWkAXJk1xR4d4kbxxXXITRq4f4oRnaznakvZxorFENzTOrCz/RdTcuV/sNFsCAwEA >AaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAIxuwNgE2+SCo/ZT8CY3/5/YOn/ZcZxhnMQT54Vi7Tag87 >kEh1yuFHuQqe3U7wSSwXyxGmxqR8HZr2cpBd7d0+zv0MuqUs7K5K7TiwEXIXshQ9WRXmOL4q/6/0 >JfikzsqPTMjSZ+dZjv6jE08Fhil7czqT///z/n4GGen5QRneDMfbYr8cZauTwcMa2agPkWsS/nQ/ >stBoldmzFbDWHTqlwrDV/SVgCRlxM+ZhOMiHNr9m0uvVxHF1ikmaQ9iVVik1nQeRMYPZAJTt9nHC >+W5h7KKbFP10wFcowtrJzBof6SYUzsMIOorQ+0ns5XQ8WcU/sGIBuUhZiU9MI/UEySIE >-----END CERTIFICATE REQUEST----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzNaFw0yMDA5MjAxMjM0MzNa >MDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjAN >BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LlfSo5nNY8E+uscKNajhKXEn5CfMbcqOZw4LM5I >NuSDLR8d7PlnS6pSC4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L/Wya8uloCLq8Qp52sq7T/xrV >oIGQZdM5Vw86JjqwtBnZrc01cdYk9xrygo/CQC/zSJ9ncz8wnLn7iCOAXA+rkZ8s6H98TeR/voTd >jxT7vPEonM98b/aotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl/rzbrrZ8tCGqk5T1mbjsY0q0xN >W4uI9cC195J+KH7TZv3gXQFtB4GWay/aMO2HP225pKDzn9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwID >AQABo4GaMIGXMB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB/wQFMAMB >Af8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEF >BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0B >AQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvldG8TXKTKOMsjIgWKc1WQ >gVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJtAQV7NWBRCbRaR+27sPb5F3VxROFO73Xk >VSgTUDANhNMRsRJqMaa1uP5QiIu93bqhUgtSeruKrQxku21b06JmAa3ZFttebbceOGaX2E/Bn3sB >UkvalYU/Xe0m42zg6SXDe55iFKxAYRsQM7DqUmnhPiNv9J+QphqrpOdytTOVXAia/MyZTlj4/XPH >8GxFoCR5a0Wr++78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyw== >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa >MCoxDzANBgNVBAoTBkZJLkxBTjEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0wggEiMA0GCSqGSIb3 >DQEBAQUAA4IBDwAwggEKAoIBAQDNy7WV/3ZleAefaUsqnGqOFbJa5SRtSZpjwP5aGq9rfVPPqDQj >ZSRMjV1/LzlEFBdKN7ah5KQZdt+/Q5uLLVeXOYByqklurxfsKLSe4f7L1wgrtxplXiJm23T+mMd8 >g7ZPP5Qj8IOnJ+Vl+7gVpYY+M4qkKTR9uJY8jz9F52OKFPBqgUaRNxo7WEwhfcWz/oPAGXEV7y7G >Fa+2fi4F8WiaF4YurOyS6bf+utjV6AXhEnkKwBz9395buWbsvMh8lLVg4TpeWY3aIRWOdouyH8e8 >3iOX9giCJkkxRJYwgqrnlzKqHm/2g6e/3hKaTc6vKB8U7VB43r8sZULNqWVl/ekPAgMBAAGjfjB8 >MB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB/wQEAwIBxjA0BggrBgEF >BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDATBgNVHSUEDDAK >BggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAQEACw3NoRFRJz4wk85QrzHhe9Z8OvOciT0k9PVO >zdvDSoU/S6xUkfsL7wUPJg5+1d2o8F6l7HhvOtgAGgz8VIXp09HODBo8GrTQdHJ68Zof6jjDugmm >/X/1Y155tjZtI9MOGilCpJ0q6hnGCdeVe6S+IxcAy8G13jKQIzvW2GglnQCeP94sK2wi9Usx13xv >KpjCMHuT2Nf6qQH5dOjRAzryoONfRk/npS2scvfGQEztDpomhfvhaycZKlNSIMApGd2qQKn18NRv >Qp8JldVQAS7wZ+MBNvWplkn8Zr+h9ml/mghk5h4MVVGFzyCX6Gfcm+2kELe/SL4qx6NH5kdoj4FS >kA== >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDTDCCAjSgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa >MCIxDzANBgNVBAoTBkZJLkxBTjEPMA0GA1UEAxMGZmkubGFuMIIBIjANBgkqhkiG9w0BAQEFAAOC >AQ8AMIIBCgKCAQEAt467/lavA4Mum28LmDiZHat0eu9T3Wr+fznyw597hmUCMjCenDJY+1tOyjtc >R07ZdUJW4MQN7JMWiwqjzcRdC1TZV0/xY6md2i115Mh45u6bQewm6jZtPfjMh8yvziKwwcPP8wk1 >WL3e5H+80t6Wue8Hy//u2XWvx0wkeuYEaEnXNyGyhfT2nTzG6C99qY/BX7raNUR2M/HT1HpL3cxl >8l9FRmc/tFch2sb6rlCnvdFKTf172lATvFAtZqxRswKe6io8KUwIo2Mb/X5KXHL8dTb6we/s4bxx >zG+k2UPa3e+EEk8fGBi5uQDdKoiSu+4jYhqxXxBFLDjLeeJTYGVcGwIDAQABo34wfDAfBgNVHSME >GDAWgBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0 >dHA6Ly9maS5sYW46ODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUH >AwEwDQYJKoZIhvcNAQELBQADggEBAI6sKWWQdoOaLndU28SzrYywQCphPw+Nl11o35ieogj05m3+ >JVEDx8Ti9Jvu/AjObvwTAEmoGgX0MCWvJRhH6aiM1YQGw2IR0mswr4PArZhHYvat9DeswluXqqzR >LZiYJurRyjEiklxwbdxXx7gYXfojL2qUQkLHv32CPmUmKQyAB3bka92sw8YG6PoJ5YdrRkqjRSmP >39z7o4/Jgf6SnXSHfcyWnruEIFn3K8PLR6gwFuKSpXqpkdDWJiavHEmnRqTqHxKVFsF+swNKwASA >Th76jdXKR8EVX9pHyEev86gq+vS5yvTKFrXfGPpn+3a2qLa+aTHALcmWoQoqqXrRB/E= >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDXjCCAkagAwIBAgIBBDANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzhaFw0xNDA5MTAxMjM0Mzha >MCgxDzANBgNVBAoTBkZJLkxBTjEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIBIjANBgkqhkiG9w0B >AQEFAAOCAQ8AMIIBCgKCAQEAv87fTGnH/l4BWOxdUbxG5bUbBVpN9iBPTf77dGUQSVZvqXlSN0P+ >tjipoIuNKD9+1SdzREPpTYKwQNGeq0dSvhQo5y7vA7Bq0XZ3Jp3MQMC1lWx6eZXWE1v3YCUBNa7G >CvYso/YZGgPSvugDd7m8Egfx+ClgpIY8fTzJZMTKoya/Mhw5N4TTWJQzat560kV//fInHqiiK4m8 >NCpTj8w/HBE7S2wPcLM84ZZ/OoALBRzaGGs10rWJGIByedvP40/o/zsHcEBztbhoRSp55/oz3f8Z >Yz7aBO6G4ANakiGRObtMmuoeuGUUgKKLS7BkqfrFJ8npMhpQ7rDeNScg1LQ8rwIDAQABo4GJMIGG >MB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEF >BQcwAYYYaHR0cDovL2ZpLmxhbjo4MC9jYS9vY3NwMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAU >BggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAKHxl+EckQG8ALBrwtNg+n4d >zaCE6iAIrD8dEgA9a9OQ0rCHM+a3gYvUbwHMJ1lUhn11h9OXIpqPSFBLD/wp6Bh0r/5yBOcDlWYZ >d3YrdH/OgQg3DoxQJp9P8n8HvAlMMQKjZLn9kWxl6kP0vQg5SxCrWRwJ2X1dQ4Il2dl9qXEIxfug >jemrZfPxm6LTGI31994Mef8MygSEFC3ORPo50P6eQhcLaCq3UEpyV0S6FHBt26qeOH67RQYdj2YU >O/9dW1cpdHlYMnJ8c/unXs7JoG8GAt1ll+w1Gd/AkSRQWSyDkt6dlRFl5kBzuNEDKzI50/hYI0jc >6+P2nL+IZuSFo6o= >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDOTCCAiGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzlaFw0xNDA5MTAxMjM0Mzla >MCQxDzANBgNVBAoTBkZJLkxBTjERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0GCSqGSIb3DQEBAQUA >A4IBDwAwggEKAoIBAQCpZU6LxP51x8/NQItFywZYSypW5kXHCbi4mDz9Fs+uqlvfNQlmR3rlDZxP >vMaeFFrUZg4CR0Li49qxEVwy1MCqaIP+vbyE9w2GkqcNfv2XlELxoaC6V70v3vw89Xzv9eUuFMO/ >iFrxXs8N+4Gg8SQ06vEfRKLKrQCODIba45XS16Bov+2/KywFGmwBQGdPJzqk3rh3MEiqEzAPngN6 >4yB+bOb5RL92ECmaq1QrVstM7+g5NunEdadg1HY3enqFL92keQL4FG6CLs2DidI06HJS+oVT5VpA >FyZNcUeHeJG8cV1yE0auH+KEZ2s52pL2caKxRDc0zqws/0XU3Llf7DRbAgMBAAGjaTBnMB8GA1Ud >IwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB/wQEAwIGwDA0BggrBgEFBQcBAQQo >MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0BAQsFAAOC >AQEAS+oBRh7HIuQN005omCEZGMz9CHR0IpC9w46imRAEr9foB/PIbDDs18UABqY+8m8nznxSqMjZ >QGFvKP5rqcIi3zuD4SGNcfjX/Qcbwofnyt/FhEA3WS8AoKbCQkbNPqLpnG8m+pgoWW0lVuxKNq22 >wDvw3ylJw0y//tAW2ffXIrwH2NlyJpZMfBjfX9LuVXJoeCErB38gcw68f8cQU+5TTeAAXCqjJ+H6 >rhhxXMsN7Cc7FafDgnTn2pfC0hIXSe+EMg4NweixpQjYkHlMDQs7jhvuUKhfFX6pBvCyBswB8dMB >uAmj/jgCgSGQSyYdJ0aQhJ3N2h5HzwHcdx37uSgJXg== >-----END CERTIFICATE----- >tag=Nickname value=caSigningCert cert-pki-ca >tag=Nickname value=ocspSigningCert cert-pki-ca >tag=Nickname value=Server-Cert cert-pki-ca >tag=Nickname value=subsystemCert cert-pki-ca >tag=Nickname value=auditSigningCert cert-pki-ca >req_list_size=5 >cert_list_size=5 >dn_list_size=5 >ca_cert_name=CN=Certificate Authority,O=FI.LAN >ocsp_cert_name=CN=OCSP Subsystem,O=FI.LAN >ca_subsystem_cert_name=CN=CA Subsystem,O=FI.LAN >server_cert_name=CN=fi.lan,O=FI.LAN >audit_signing_cert_name=CN=CA Audit,O=FI.LAN >ca_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICdjCCAV4CAQAwMTEPMA0GA1UEChMGRkkuTEFOMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRo >b3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDguV9Kjmc1jwT66xwo1qOEpcSf >kJ8xtyo5nDgszkg25IMtHx3s+WdLqlILgEwEDqremqo/xMc/COpiZ3S/TY7kGh+xHov9bJry6WgI >urxCnnayrtP/GtWggZBl0zlXDzomOrC0GdmtzTVx1iT3GvKCj8JAL/NIn2dzPzCcufuII4BcD6uR >nyzof3xN5H++hN2PFPu88Sicz3xv9qi1kDthqLnpvYKaDUGyjRWIzmEtQEcwEwJGX+vNuutny0Ia >qTlPWZuOxjSrTE1bi4j1wLX3kn4oftNm/eBdAW0HgZZrL9ow7Yc/bbmkoPOf06/Qqu0q0CplOEgR >l/1h9yrmxJSHAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAsOYTHm1dPZ1C1fIUnpVaB26fXkGU >VPqJjLzaFMa4bWpkZrY2WC27guTA0BUYOrYbVOHROojqa+gz0kyc1rMkJaYdX4JA3NMOD2n8f7re >8BBtMEXBmSlXeNoCL6RmUGWBAtA9CWbpMycANwGeFYPc2gICeXKGhOFD2HuTd7TFqpRrUKJgQCA3 >r0ginXszoFFHqjWZAVFgSpq723dcn4OpsTNVAMj8gviA9/hX/gCPs5PArYU0t7kKjp9WmCi+N6YR >qx9BnRgYNPXnbtnr5jIh8Eh8rzRJuC2Xfsf/xzSZnB/Jz34CrOXgdMIbFWtQNEeokicYvF12FQsG >DTLvG6Rnvg== >-----END CERTIFICATE REQUEST----- >ocsp_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICbzCCAVcCAQAwKjEPMA0GA1UEChMGRkkuTEFOMRcwFQYDVQQDEw5PQ1NQIFN1YnN5c3RlbTCC >ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3LtZX/dmV4B59pSyqcao4VslrlJG1JmmPA >/loar2t9U8+oNCNlJEyNXX8vOUQUF0o3tqHkpBl2379Dm4stV5c5gHKqSW6vF+wotJ7h/svXCCu3 >GmVeImbbdP6Yx3yDtk8/lCPwg6cn5WX7uBWlhj4ziqQpNH24ljyPP0XnY4oU8GqBRpE3GjtYTCF9 >xbP+g8AZcRXvLsYVr7Z+LgXxaJoXhi6s7JLpt/662NXoBeESeQrAHP3f3lu5Zuy8yHyUtWDhOl5Z >jdohFY52i7Ifx7zeI5f2CIImSTFEljCCqueXMqoeb/aDp7/eEppNzq8oHxTtUHjevyxlQs2pZWX9 >6Q8CAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAdfNRe1eFMH3twH0YCdiu/Ke6rGX9/BIuJYvbf >jDjwbuZNf2mm/fswMjmqbzuTbd+FPiT3FwyeX9S/MNsZbFCpBOMTIukWX0Jvs0U+j9cZS7SviEsQ >V+dX3pYENwLqrzoFgRXEffUhKGqyOhz29GH94S4g4zEbQwWgGMa8K+IK4gvRbKEtOl6zQCqq+eqr >pTUpXe0jnMz9tEdgri9EaHfYsA+zd9rZzZDHU9eHtRFybkCW0DEVjZq09g2WTE/myjhGqZJIkxjr >L6s/YS5zFNRzTPnIJ08/avJ4k0dyPM2qY9x3ufbB9m9iVPX7c4FVUdCkt3oLh56Lgvsj71k8gsXB >-----END CERTIFICATE REQUEST----- >ca_subsystem_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICbTCCAVUCAQAwKDEPMA0GA1UEChMGRkkuTEFOMRUwEwYDVQQDEwxDQSBTdWJzeXN0ZW0wggEi >MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/zt9Macf+XgFY7F1RvEbltRsFWk32IE9N/vt0 >ZRBJVm+peVI3Q/62OKmgi40oP37VJ3NEQ+lNgrBA0Z6rR1K+FCjnLu8DsGrRdncmncxAwLWVbHp5 >ldYTW/dgJQE1rsYK9iyj9hkaA9K+6AN3ubwSB/H4KWCkhjx9PMlkxMqjJr8yHDk3hNNYlDNq3nrS >RX/98iceqKIribw0KlOPzD8cETtLbA9wszzhln86gAsFHNoYazXStYkYgHJ528/jT+j/OwdwQHO1 >uGhFKnnn+jPd/xljPtoE7obgA1qSIZE5u0ya6h64ZRSAootLsGSp+sUnyekyGlDusN41JyDUtDyv >AgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAvWi6ChXL4E35aNEkp8OLvACngBrq2NwlJMtRY5AW >g5zK7EkAzQuZNsYo3MlbU1BgL4fiCrMtMROKTBGN1Hql/DEuQd+PbSk0YRb7XM1pNSKMRrJXhkft >NtIdkDgvsc37D1AdsHFROruSJZVFJt3yp1MOYmhwQCZm44z0q+CXR+u55m6JyDQD8/2b6J0d/P+2 >osHdsqZ98HapRsF1cQDM+y9iWS+7ft0Q4Ad7YPUbvjpz6d8nLauFW6SxgxZnUIwt1gLxBWs6qGVT >CnAwzkXvVTjZ4L1xMTjddTSDod5cZ4MTCcSCXXKP0xRm5K5IUcmoymPvEzKXwG0EePUWpAQp9A== >-----END CERTIFICATE REQUEST----- >server_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICZzCCAU8CAQAwIjEPMA0GA1UEChMGRkkuTEFOMQ8wDQYDVQQDEwZmaS5sYW4wggEiMA0GCSqG >SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3jrv+Vq8Dgy6bbwuYOJkdq3R671Pdav5/OfLDn3uGZQIy >MJ6cMlj7W07KO1xHTtl1QlbgxA3skxaLCqPNxF0LVNlXT/FjqZ3aLXXkyHjm7ptB7CbqNm09+MyH >zK/OIrDBw8/zCTVYvd7kf7zS3pa57wfL/+7Zda/HTCR65gRoSdc3IbKF9PadPMboL32pj8Ffuto1 >RHYz8dPUekvdzGXyX0VGZz+0VyHaxvquUKe90UpN/XvaUBO8UC1mrFGzAp7qKjwpTAijYxv9fkpc >cvx1NvrB7+zhvHHMb6TZQ9rd74QSTx8YGLm5AN0qiJK77iNiGrFfEEUsOMt54lNgZVwbAgMBAAGg >ADANBgkqhkiG9w0BAQsFAAOCAQEATsL3V5QYFYRZRPxPzEM1YsTaCsV4ZqXdsC9u5Bie3wP6UVrP >RjeCgz+1OdWiSsVKXJbrMS3RgWEq2bTgT0Cy63LH64rbjabSJhujRwFMVna6kPJHij8V1NjUhRDw >wjLRARzjTqRZCsKFQ3ZgG7EKye/WSP/QwdDTmAD3K2gGaP8kK8bVfjJBulR4hjWxBLbEtpxGj9DQ >lBr8JU1h7CHqmnkVRYznXK3f7jKG4cztkjqf++UIKA4Dz4i0U7gpTIeSuY1t58j9aavTYKL6k5Ax >oZwRuVCZ2n39KNnWL/XFAZR9bY9RCJw2SQi1CmsSaiCmta7/Ibv5RUCpXsqbrzNl0A== >-----END CERTIFICATE REQUEST----- >ca_audit_siging_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICaTCCAVECAQAwJDEPMA0GA1UEChMGRkkuTEFOMREwDwYDVQQDEwhDQSBBdWRpdDCCASIwDQYJ >KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKllTovE/nXHz81Ai0XLBlhLKlbmRccJuLiYPP0Wz66q >W981CWZHeuUNnE+8xp4UWtRmDgJHQuLj2rERXDLUwKpog/69vIT3DYaSpw1+/ZeUQvGhoLpXvS/e >/Dz1fO/15S4Uw7+IWvFezw37gaDxJDTq8R9EosqtAI4MhtrjldLXoGi/7b8rLAUabAFAZ08nOqTe >uHcwSKoTMA+eA3rjIH5s5vlEv3YQKZqrVCtWy0zv6Dk26cR1p2DUdjd6eoUv3aR5AvgUboIuzYOJ >0jToclL6hVPlWkAXJk1xR4d4kbxxXXITRq4f4oRnaznakvZxorFENzTOrCz/RdTcuV/sNFsCAwEA >AaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAIxuwNgE2+SCo/ZT8CY3/5/YOn/ZcZxhnMQT54Vi7Tag87 >kEh1yuFHuQqe3U7wSSwXyxGmxqR8HZr2cpBd7d0+zv0MuqUs7K5K7TiwEXIXshQ9WRXmOL4q/6/0 >JfikzsqPTMjSZ+dZjv6jE08Fhil7czqT///z/n4GGen5QRneDMfbYr8cZauTwcMa2agPkWsS/nQ/ >stBoldmzFbDWHTqlwrDV/SVgCRlxM+ZhOMiHNr9m0uvVxHF1ikmaQ9iVVik1nQeRMYPZAJTt9nHC >+W5h7KKbFP10wFcowtrJzBof6SYUzsMIOorQ+0ns5XQ8WcU/sGIBuUhZiU9MI/UEySIE >-----END CERTIFICATE REQUEST----- >ca_cert_cert=-----BEGIN CERTIFICATE----- >MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzNaFw0yMDA5MjAxMjM0MzNa >MDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjAN >BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LlfSo5nNY8E+uscKNajhKXEn5CfMbcqOZw4LM5I >NuSDLR8d7PlnS6pSC4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L/Wya8uloCLq8Qp52sq7T/xrV >oIGQZdM5Vw86JjqwtBnZrc01cdYk9xrygo/CQC/zSJ9ncz8wnLn7iCOAXA+rkZ8s6H98TeR/voTd >jxT7vPEonM98b/aotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl/rzbrrZ8tCGqk5T1mbjsY0q0xN >W4uI9cC195J+KH7TZv3gXQFtB4GWay/aMO2HP225pKDzn9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwID >AQABo4GaMIGXMB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB/wQFMAMB >Af8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEF >BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0B >AQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvldG8TXKTKOMsjIgWKc1WQ >gVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJtAQV7NWBRCbRaR+27sPb5F3VxROFO73Xk >VSgTUDANhNMRsRJqMaa1uP5QiIu93bqhUgtSeruKrQxku21b06JmAa3ZFttebbceOGaX2E/Bn3sB >UkvalYU/Xe0m42zg6SXDe55iFKxAYRsQM7DqUmnhPiNv9J+QphqrpOdytTOVXAia/MyZTlj4/XPH >8GxFoCR5a0Wr++78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyw== >-----END CERTIFICATE----- >ocsp_cert_cert=-----BEGIN CERTIFICATE----- >MIIDVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa >MCoxDzANBgNVBAoTBkZJLkxBTjEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0wggEiMA0GCSqGSIb3 >DQEBAQUAA4IBDwAwggEKAoIBAQDNy7WV/3ZleAefaUsqnGqOFbJa5SRtSZpjwP5aGq9rfVPPqDQj >ZSRMjV1/LzlEFBdKN7ah5KQZdt+/Q5uLLVeXOYByqklurxfsKLSe4f7L1wgrtxplXiJm23T+mMd8 >g7ZPP5Qj8IOnJ+Vl+7gVpYY+M4qkKTR9uJY8jz9F52OKFPBqgUaRNxo7WEwhfcWz/oPAGXEV7y7G >Fa+2fi4F8WiaF4YurOyS6bf+utjV6AXhEnkKwBz9395buWbsvMh8lLVg4TpeWY3aIRWOdouyH8e8 >3iOX9giCJkkxRJYwgqrnlzKqHm/2g6e/3hKaTc6vKB8U7VB43r8sZULNqWVl/ekPAgMBAAGjfjB8 >MB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB/wQEAwIBxjA0BggrBgEF >BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDATBgNVHSUEDDAK >BggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAQEACw3NoRFRJz4wk85QrzHhe9Z8OvOciT0k9PVO >zdvDSoU/S6xUkfsL7wUPJg5+1d2o8F6l7HhvOtgAGgz8VIXp09HODBo8GrTQdHJ68Zof6jjDugmm >/X/1Y155tjZtI9MOGilCpJ0q6hnGCdeVe6S+IxcAy8G13jKQIzvW2GglnQCeP94sK2wi9Usx13xv >KpjCMHuT2Nf6qQH5dOjRAzryoONfRk/npS2scvfGQEztDpomhfvhaycZKlNSIMApGd2qQKn18NRv >Qp8JldVQAS7wZ+MBNvWplkn8Zr+h9ml/mghk5h4MVVGFzyCX6Gfcm+2kELe/SL4qx6NH5kdoj4FS >kA== >-----END CERTIFICATE----- >ca_subsystem_cert_cert=-----BEGIN CERTIFICATE----- >MIIDXjCCAkagAwIBAgIBBDANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzhaFw0xNDA5MTAxMjM0Mzha >MCgxDzANBgNVBAoTBkZJLkxBTjEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIBIjANBgkqhkiG9w0B >AQEFAAOCAQ8AMIIBCgKCAQEAv87fTGnH/l4BWOxdUbxG5bUbBVpN9iBPTf77dGUQSVZvqXlSN0P+ >tjipoIuNKD9+1SdzREPpTYKwQNGeq0dSvhQo5y7vA7Bq0XZ3Jp3MQMC1lWx6eZXWE1v3YCUBNa7G >CvYso/YZGgPSvugDd7m8Egfx+ClgpIY8fTzJZMTKoya/Mhw5N4TTWJQzat560kV//fInHqiiK4m8 >NCpTj8w/HBE7S2wPcLM84ZZ/OoALBRzaGGs10rWJGIByedvP40/o/zsHcEBztbhoRSp55/oz3f8Z >Yz7aBO6G4ANakiGRObtMmuoeuGUUgKKLS7BkqfrFJ8npMhpQ7rDeNScg1LQ8rwIDAQABo4GJMIGG >MB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEF >BQcwAYYYaHR0cDovL2ZpLmxhbjo4MC9jYS9vY3NwMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAU >BggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAKHxl+EckQG8ALBrwtNg+n4d >zaCE6iAIrD8dEgA9a9OQ0rCHM+a3gYvUbwHMJ1lUhn11h9OXIpqPSFBLD/wp6Bh0r/5yBOcDlWYZ >d3YrdH/OgQg3DoxQJp9P8n8HvAlMMQKjZLn9kWxl6kP0vQg5SxCrWRwJ2X1dQ4Il2dl9qXEIxfug >jemrZfPxm6LTGI31994Mef8MygSEFC3ORPo50P6eQhcLaCq3UEpyV0S6FHBt26qeOH67RQYdj2YU >O/9dW1cpdHlYMnJ8c/unXs7JoG8GAt1ll+w1Gd/AkSRQWSyDkt6dlRFl5kBzuNEDKzI50/hYI0jc >6+P2nL+IZuSFo6o= >-----END CERTIFICATE----- >server_cert_cert=-----BEGIN CERTIFICATE----- >MIIDTDCCAjSgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa >MCIxDzANBgNVBAoTBkZJLkxBTjEPMA0GA1UEAxMGZmkubGFuMIIBIjANBgkqhkiG9w0BAQEFAAOC >AQ8AMIIBCgKCAQEAt467/lavA4Mum28LmDiZHat0eu9T3Wr+fznyw597hmUCMjCenDJY+1tOyjtc >R07ZdUJW4MQN7JMWiwqjzcRdC1TZV0/xY6md2i115Mh45u6bQewm6jZtPfjMh8yvziKwwcPP8wk1 >WL3e5H+80t6Wue8Hy//u2XWvx0wkeuYEaEnXNyGyhfT2nTzG6C99qY/BX7raNUR2M/HT1HpL3cxl >8l9FRmc/tFch2sb6rlCnvdFKTf172lATvFAtZqxRswKe6io8KUwIo2Mb/X5KXHL8dTb6we/s4bxx >zG+k2UPa3e+EEk8fGBi5uQDdKoiSu+4jYhqxXxBFLDjLeeJTYGVcGwIDAQABo34wfDAfBgNVHSME >GDAWgBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0 >dHA6Ly9maS5sYW46ODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUH >AwEwDQYJKoZIhvcNAQELBQADggEBAI6sKWWQdoOaLndU28SzrYywQCphPw+Nl11o35ieogj05m3+ >JVEDx8Ti9Jvu/AjObvwTAEmoGgX0MCWvJRhH6aiM1YQGw2IR0mswr4PArZhHYvat9DeswluXqqzR >LZiYJurRyjEiklxwbdxXx7gYXfojL2qUQkLHv32CPmUmKQyAB3bka92sw8YG6PoJ5YdrRkqjRSmP >39z7o4/Jgf6SnXSHfcyWnruEIFn3K8PLR6gwFuKSpXqpkdDWJiavHEmnRqTqHxKVFsF+swNKwASA >Th76jdXKR8EVX9pHyEev86gq+vS5yvTKFrXfGPpn+3a2qLa+aTHALcmWoQoqqXrRB/E= >-----END CERTIFICATE----- >ca_audit_signing_cert_cert=-----BEGIN CERTIFICATE----- >MIIDOTCCAiGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV >BAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzlaFw0xNDA5MTAxMjM0Mzla >MCQxDzANBgNVBAoTBkZJLkxBTjERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0GCSqGSIb3DQEBAQUA >A4IBDwAwggEKAoIBAQCpZU6LxP51x8/NQItFywZYSypW5kXHCbi4mDz9Fs+uqlvfNQlmR3rlDZxP >vMaeFFrUZg4CR0Li49qxEVwy1MCqaIP+vbyE9w2GkqcNfv2XlELxoaC6V70v3vw89Xzv9eUuFMO/ >iFrxXs8N+4Gg8SQ06vEfRKLKrQCODIba45XS16Bov+2/KywFGmwBQGdPJzqk3rh3MEiqEzAPngN6 >4yB+bOb5RL92ECmaq1QrVstM7+g5NunEdadg1HY3enqFL92keQL4FG6CLs2DidI06HJS+oVT5VpA >FyZNcUeHeJG8cV1yE0auH+KEZ2s52pL2caKxRDc0zqws/0XU3Llf7DRbAgMBAAGjaTBnMB8GA1Ud >IwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB/wQEAwIGwDA0BggrBgEFBQcBAQQo >MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0BAQsFAAOC >AQEAS+oBRh7HIuQN005omCEZGMz9CHR0IpC9w46imRAEr9foB/PIbDDs18UABqY+8m8nznxSqMjZ >QGFvKP5rqcIi3zuD4SGNcfjX/Qcbwofnyt/FhEA3WS8AoKbCQkbNPqLpnG8m+pgoWW0lVuxKNq22 >wDvw3ylJw0y//tAW2ffXIrwH2NlyJpZMfBjfX9LuVXJoeCErB38gcw68f8cQU+5TTeAAXCqjJ+H6 >rhhxXMsN7Cc7FafDgnTn2pfC0hIXSe+EMg4NweixpQjYkHlMDQs7jhvuUKhfFX6pBvCyBswB8dMB >uAmj/jgCgSGQSyYdJ0aQhJ3N2h5HzwHcdx37uSgJXg== >-----END CERTIFICATE----- >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=12&op=next&xml=true&subsystem=-----BEGIN+CERTIFICATE-----%0AMIIDXjCCAkagAwIBAgIBBDANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV%0ABAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzhaFw0xNDA5MTAxMjM0Mzha%0AMCgxDzANBgNVBAoTBkZJLkxBTjEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIBIjANBgkqhkiG9w0B%0AAQEFAAOCAQ8AMIIBCgKCAQEAv87fTGnH%2Fl4BWOxdUbxG5bUbBVpN9iBPTf77dGUQSVZvqXlSN0P%2B%0AtjipoIuNKD9%2B1SdzREPpTYKwQNGeq0dSvhQo5y7vA7Bq0XZ3Jp3MQMC1lWx6eZXWE1v3YCUBNa7G%0ACvYso%2FYZGgPSvugDd7m8Egfx%2BClgpIY8fTzJZMTKoya%2FMhw5N4TTWJQzat560kV%2F%2FfInHqiiK4m8%0ANCpTj8w%2FHBE7S2wPcLM84ZZ%2FOoALBRzaGGs10rWJGIByedvP40%2Fo%2FzsHcEBztbhoRSp55%2Foz3f8Z%0AYz7aBO6G4ANakiGRObtMmuoeuGUUgKKLS7BkqfrFJ8npMhpQ7rDeNScg1LQ8rwIDAQABo4GJMIGG%0AMB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEF%0ABQcwAYYYaHR0cDovL2ZpLmxhbjo4MC9jYS9vY3NwMA4GA1UdDwEB%2FwQEAwIE8DAdBgNVHSUEFjAU%0ABggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAKHxl%2BEckQG8ALBrwtNg%2Bn4d%0AzaCE6iAIrD8dEgA9a9OQ0rCHM%2Ba3gYvUbwHMJ1lUhn11h9OXIpqPSFBLD%2Fwp6Bh0r%2F5yBOcDlWYZ%0Ad3YrdH%2FOgQg3DoxQJp9P8n8HvAlMMQKjZLn9kWxl6kP0vQg5SxCrWRwJ2X1dQ4Il2dl9qXEIxfug%0AjemrZfPxm6LTGI31994Mef8MygSEFC3ORPo50P6eQhcLaCq3UEpyV0S6FHBt26qeOH67RQYdj2YU%0AO%2F9dW1cpdHlYMnJ8c%2FunXs7JoG8GAt1ll%2Bw1Gd%2FAkSRQWSyDkt6dlRFl5kBzuNEDKzI50%2FhYI0jc%0A6%2BP2nL%2BIZuSFo6o%3D%0A-----END+CERTIFICATE-----&subsystem_cc=&ocsp_signing=-----BEGIN+CERTIFICATE-----%0AMIIDVDCCAjygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV%0ABAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa%0AMCoxDzANBgNVBAoTBkZJLkxBTjEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0wggEiMA0GCSqGSIb3%0ADQEBAQUAA4IBDwAwggEKAoIBAQDNy7WV%2F3ZleAefaUsqnGqOFbJa5SRtSZpjwP5aGq9rfVPPqDQj%0AZSRMjV1%2FLzlEFBdKN7ah5KQZdt%2B%2FQ5uLLVeXOYByqklurxfsKLSe4f7L1wgrtxplXiJm23T%2BmMd8%0Ag7ZPP5Qj8IOnJ%2BVl%2B7gVpYY%2BM4qkKTR9uJY8jz9F52OKFPBqgUaRNxo7WEwhfcWz%2FoPAGXEV7y7G%0AFa%2B2fi4F8WiaF4YurOyS6bf%2ButjV6AXhEnkKwBz9395buWbsvMh8lLVg4TpeWY3aIRWOdouyH8e8%0A3iOX9giCJkkxRJYwgqrnlzKqHm%2F2g6e%2F3hKaTc6vKB8U7VB43r8sZULNqWVl%2FekPAgMBAAGjfjB8%0AMB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB%2FwQEAwIBxjA0BggrBgEF%0ABQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDATBgNVHSUEDDAK%0ABggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAQEACw3NoRFRJz4wk85QrzHhe9Z8OvOciT0k9PVO%0AzdvDSoU%2FS6xUkfsL7wUPJg5%2B1d2o8F6l7HhvOtgAGgz8VIXp09HODBo8GrTQdHJ68Zof6jjDugmm%0A%2FX%2F1Y155tjZtI9MOGilCpJ0q6hnGCdeVe6S%2BIxcAy8G13jKQIzvW2GglnQCeP94sK2wi9Usx13xv%0AKpjCMHuT2Nf6qQH5dOjRAzryoONfRk%2FnpS2scvfGQEztDpomhfvhaycZKlNSIMApGd2qQKn18NRv%0AQp8JldVQAS7wZ%2BMBNvWplkn8Zr%2Bh9ml%2Fmghk5h4MVVGFzyCX6Gfcm%2B2kELe%2FSL4qx6NH5kdoj4FS%0AkA%3D%3D%0A-----END+CERTIFICATE-----&ocsp_signing_cc=&signing=-----BEGIN+CERTIFICATE-----%0AMIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV%0ABAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzNaFw0yMDA5MjAxMjM0MzNa%0AMDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjAN%0ABgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LlfSo5nNY8E%2BuscKNajhKXEn5CfMbcqOZw4LM5I%0ANuSDLR8d7PlnS6pSC4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L%2FWya8uloCLq8Qp52sq7T%2FxrV%0AoIGQZdM5Vw86JjqwtBnZrc01cdYk9xrygo%2FCQC%2FzSJ9ncz8wnLn7iCOAXA%2BrkZ8s6H98TeR%2FvoTd%0AjxT7vPEonM98b%2FaotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl%2FrzbrrZ8tCGqk5T1mbjsY0q0xN%0AW4uI9cC195J%2BKH7TZv3gXQFtB4GWay%2FaMO2HP225pKDzn9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwID%0AAQABo4GaMIGXMB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB%2FwQFMAMB%0AAf8wDgYDVR0PAQH%2FBAQDAgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6%2FLbntfIzA0BggrBgEF%0ABQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0B%0AAQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvldG8TXKTKOMsjIgWKc1WQ%0AgVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJtAQV7NWBRCbRaR%2B27sPb5F3VxROFO73Xk%0AVSgTUDANhNMRsRJqMaa1uP5QiIu93bqhUgtSeruKrQxku21b06JmAa3ZFttebbceOGaX2E%2FBn3sB%0AUkvalYU%2FXe0m42zg6SXDe55iFKxAYRsQM7DqUmnhPiNv9J%2BQphqrpOdytTOVXAia%2FMyZTlj4%2FXPH%0A8GxFoCR5a0Wr%2B%2B78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyw%3D%3D%0A-----END+CERTIFICATE-----&signing_cc=&audit_signing=-----BEGIN+CERTIFICATE-----%0AMIIDOTCCAiGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV%0ABAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzlaFw0xNDA5MTAxMjM0Mzla%0AMCQxDzANBgNVBAoTBkZJLkxBTjERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0GCSqGSIb3DQEBAQUA%0AA4IBDwAwggEKAoIBAQCpZU6LxP51x8%2FNQItFywZYSypW5kXHCbi4mDz9Fs%2BuqlvfNQlmR3rlDZxP%0AvMaeFFrUZg4CR0Li49qxEVwy1MCqaIP%2BvbyE9w2GkqcNfv2XlELxoaC6V70v3vw89Xzv9eUuFMO%2F%0AiFrxXs8N%2B4Gg8SQ06vEfRKLKrQCODIba45XS16Bov%2B2%2FKywFGmwBQGdPJzqk3rh3MEiqEzAPngN6%0A4yB%2BbOb5RL92ECmaq1QrVstM7%2Bg5NunEdadg1HY3enqFL92keQL4FG6CLs2DidI06HJS%2BoVT5VpA%0AFyZNcUeHeJG8cV1yE0auH%2BKEZ2s52pL2caKxRDc0zqws%2F0XU3Llf7DRbAgMBAAGjaTBnMB8GA1Ud%0AIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA4GA1UdDwEB%2FwQEAwIGwDA0BggrBgEFBQcBAQQo%0AMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0BAQsFAAOC%0AAQEAS%2BoBRh7HIuQN005omCEZGMz9CHR0IpC9w46imRAEr9foB%2FPIbDDs18UABqY%2B8m8nznxSqMjZ%0AQGFvKP5rqcIi3zuD4SGNcfjX%2FQcbwofnyt%2FFhEA3WS8AoKbCQkbNPqLpnG8m%2BpgoWW0lVuxKNq22%0AwDvw3ylJw0y%2F%2FtAW2ffXIrwH2NlyJpZMfBjfX9LuVXJoeCErB38gcw68f8cQU%2B5TTeAAXCqjJ%2BH6%0ArhhxXMsN7Cc7FafDgnTn2pfC0hIXSe%2BEMg4NweixpQjYkHlMDQs7jhvuUKhfFX6pBvCyBswB8dMB%0AuAmj%2FjgCgSGQSyYdJ0aQhJ3N2h5HzwHcdx37uSgJXg%3D%3D%0A-----END+CERTIFICATE-----&audit_signing_cc=&sslserver=-----BEGIN+CERTIFICATE-----%0AMIIDTDCCAjSgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNV%0ABAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzZaFw0xNDA5MTAxMjM0MzZa%0AMCIxDzANBgNVBAoTBkZJLkxBTjEPMA0GA1UEAxMGZmkubGFuMIIBIjANBgkqhkiG9w0BAQEFAAOC%0AAQ8AMIIBCgKCAQEAt467%2FlavA4Mum28LmDiZHat0eu9T3Wr%2Bfznyw597hmUCMjCenDJY%2B1tOyjtc%0AR07ZdUJW4MQN7JMWiwqjzcRdC1TZV0%2FxY6md2i115Mh45u6bQewm6jZtPfjMh8yvziKwwcPP8wk1%0AWL3e5H%2B80t6Wue8Hy%2F%2Fu2XWvx0wkeuYEaEnXNyGyhfT2nTzG6C99qY%2FBX7raNUR2M%2FHT1HpL3cxl%0A8l9FRmc%2FtFch2sb6rlCnvdFKTf172lATvFAtZqxRswKe6io8KUwIo2Mb%2FX5KXHL8dTb6we%2Fs4bxx%0AzG%2Bk2UPa3e%2BEEk8fGBi5uQDdKoiSu%2B4jYhqxXxBFLDjLeeJTYGVcGwIDAQABo34wfDAfBgNVHSME%0AGDAWgBTY3m4Ze4wBxuebhRpnD6%2FLbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0%0AdHA6Ly9maS5sYW46ODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUH%0AAwEwDQYJKoZIhvcNAQELBQADggEBAI6sKWWQdoOaLndU28SzrYywQCphPw%2BNl11o35ieogj05m3%2B%0AJVEDx8Ti9Jvu%2FAjObvwTAEmoGgX0MCWvJRhH6aiM1YQGw2IR0mswr4PArZhHYvat9DeswluXqqzR%0ALZiYJurRyjEiklxwbdxXx7gYXfojL2qUQkLHv32CPmUmKQyAB3bka92sw8YG6PoJ5YdrRkqjRSmP%0A39z7o4%2FJgf6SnXSHfcyWnruEIFn3K8PLR6gwFuKSpXqpkdDWJiavHEmnRqTqHxKVFsF%2BswNKwASA%0ATh76jdXKR8EVX9pHyEev86gq%2BvS5yvTKFrXfGPpn%2B3a2qLa%2BaTHALcmWoQoqqXrRB%2FE%3D%0A-----END+CERTIFICATE-----&sslserver_cc= >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:39 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/backupkeycertpanel.vm</panel> > <res/> > <showApplyButton/> > <pwdagain/> > <updateStatus>success</updateStatus> > <dobackup/> > <errorString/> > <size>19</size> > <title>Export Keys and Certificates</title> > <pwd/> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <nobackup>checked</nobackup> > <p>13</p> > <name>CA Setup Wizard</name> > <req/> > <panelname>backupkeys</panelname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=13&op=next&xml=true&choice=backupkey&__pwd=XXXXXXXX&__pwdagain=XXXXXXXX >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:39 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/savepkcs12panel.vm</panel> > <res/> > <subsystemtype>ca</subsystemtype> > <showApplyButton/> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <title>Save Keys and Certificates</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <name>CA Setup Wizard</name> > <p>14</p> > <req/> > <panelname>savepk12</panelname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/savepkcs12? >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/x-pkcs12 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:40 GMT >RESPONSE HEADER: Connection: close >Decoded PFX >Version: 3 >AuthSafes has 2 SafeContents >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=14&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:40 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/importcachainpanel.vm</panel> > <machineName>fi.lan</machineName> > <res/> > <showApplyButton/> > <ca>true</ca> > <updateStatus>success</updateStatus> > <errorString/> > <https_port>9444</https_port> > <size>19</size> > <title>Import CA's Certificate Chain</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>15</p> > <name>CA Setup Wizard</name> > <import>true</import> > <http_port>9180</http_port> > <req/> > <panelname>importcachain</panelname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=15&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:40 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/adminpanel.vm</panel> > <res/> > <showApplyButton/> > <ca>true</ca> > <admin_pwd/> > <caType>sdca</caType> > <admin_pwd_again/> > <updateStatus>success</updateStatus> > <admin_email/> > <admin_name>CA Administrator of Instance pki-ca</admin_name> > <securityDomain>IPA</securityDomain> > <errorString/> > <info/> > <size>19</size> > <title>Administrator</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>16</p> > <name>CA Setup Wizard</name> > <import>true</import> > <req/> > <panelname>admin</panelname> > <admin_uid>admin</admin_uid> ></response> >CRYPTO INIT WITH CERTDB:/tmp/tmp-56Kk3t >Crypto manager already initialized >Debug : initialize crypto Manager >INITIALIZATION ERROR: org.mozilla.jss.crypto.AlreadyInitializedException >cdir = /tmp/tmp-56Kk3t >Debug : before getInstance >Debug : before get token >Debug : before login password >Debug : after login password >64-bit osutil library loaded >CRMF_REQUEST = MIIBbjCCAWowggFeAgEBMIIBVYABAqUqMCgxDzANBgNVBAoTBkZJLkxBTjEVMBMG >A1UEAxMMaXBhLWNhLWFnZW50poIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC >AQEA2KcM8870jUNu+/5u0DSTezUjwW/Gp2KwT94B/IbatZ8fc2fxZRf5voPOm1zx >mLeQ7tbdRCTOHiHOZb4MZU6/lGY+GujQQ1xq6QoHnAO4PbBiVUWTzRD4YC1y+H0Y >+htV6hngUVxW8joTTGgqXY6ncBP8toFfZJBng2dRYa1ZmariBs5Vo58HmsIgJbpf >PV+cIJThkGzb5ahZfpQL7GWwcvn//NY4EDlZ5LGxmfCweHdgrLN0qIGRjmegVr0k >6WVmN3/qoTCbbsl79TCPszzlxZ8ehSOViMR54DTjASHe4iiN70zcPDHwOQlWFKsg >ddL3yU3GUj7MrpGTiUtU33UMwQIDAQABMACiBoAEAwADAA== >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=16&op=next&xml=true&cert_request_type=crmf&uid=admin&name=admin&__pwd=XXXXXXXX&__admin_password_again=XXXXXXXX&profileId=caAdminCert&email=root%40localhost&cert_request=MIIBbjCCAWowggFeAgEBMIIBVYABAqUqMCgxDzANBgNVBAoTBkZJLkxBTjEVMBMG%0D%0AA1UEAxMMaXBhLWNhLWFnZW50poIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC%0D%0AAQEA2KcM8870jUNu%2B%2F5u0DSTezUjwW%2FGp2KwT94B%2FIbatZ8fc2fxZRf5voPOm1zx%0D%0AmLeQ7tbdRCTOHiHOZb4MZU6%2FlGY%2BGujQQ1xq6QoHnAO4PbBiVUWTzRD4YC1y%2BH0Y%0D%0A%2BhtV6hngUVxW8joTTGgqXY6ncBP8toFfZJBng2dRYa1ZmariBs5Vo58HmsIgJbpf%0D%0APV%2BcIJThkGzb5ahZfpQL7GWwcvn%2F%2FNY4EDlZ5LGxmfCweHdgrLN0qIGRjmegVr0k%0D%0A6WVmN3%2FqoTCbbsl79TCPszzlxZ8ehSOViMR54DTjASHe4iiN70zcPDHwOQlWFKsg%0D%0AddL3yU3GUj7MrpGTiUtU33UMwQIDAQABMACiBoAEAwADAA%3D%3D&subject=CN%3Dipa-ca-agent%2CO%3DFI.LAN&clone=new&import=true&securitydomain=IPA >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:42 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/importadmincertpanel.vm</panel> > <res/> > <showApplyButton/> > <admin_pwd>XXXXXXXX</admin_pwd> > <ca>true</ca> > <caPort>9445</caPort> > <caType>sdca</caType> > <admin_pwd_again>XXXXXXXX</admin_pwd_again> > <updateStatus>success</updateStatus> > <serialNumber>6</serialNumber> > <admin_email>root@localhost</admin_email> > <admin_name>admin</admin_name> > <errorString/> > <size>19</size> > <info/> > <caHost>fi.lan</caHost> > <title>Import Administrator's Certificate</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>17</p> > <name>CA Setup Wizard</name> > <import>true</import> > <pkcs7>MIIHDQYJKoZIhvcNAQcCoIIG/jCCBvoCAQExADAPBgkqhkiG9w0BBwGgAgQAoIIG3jCCA14wggJGoAMCAQICAQYwDQYJKoZIhvcNAQELBQAwMTEPMA0GA1UEChMGRkkuTEFOMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTIwOTIwMTIzNDQxWhcNMTQwOTEwMTIzNDQxWjAoMQ8wDQYDVQQKEwZGSS5MQU4xFTATBgNVBAMTDGlwYS1jYS1hZ2VudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANinDPPO9I1Dbvv+btA0k3s1I8FvxqdisE/eAfyG2rWfH3Nn8WUX+b6Dzptc8Zi3kO7W3UQkzh4hzmW+DGVOv5RmPhro0ENcaukKB5wDuD2wYlVFk80Q+GAtcvh9GPobVeoZ4FFcVvI6E0xoKl2Op3AT/LaBX2SQZ4NnUWGtWZmq4gbOVaOfB5rCICW6Xz1fnCCU4ZBs2+WoWX6UC+xlsHL5//zWOBA5WeSxsZnwsHh3YKyzdKiBkY5noFa9JOllZjd/6qEwm27Je/Uwj7M85cWfHoUjlYjEeeA04wEh3uIoje9M3Dwx8DkJVhSrIHXS98lNxlI+zK6Rk4lLVN91DMECAwEAAaOBiTCBhjAfBgNVHSMEGDAWgBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQBogjCRB9/BXvCxwT+62ParzJEXP0IR9RP7lJnimlyVxccSjkU5lAyxbTczuk1eH/ZYGhBgzaI6nZCZgw2Br+0J9Nl0NFZaLlYUO6eiKzEwl352ugcY5nJ/IbUkYCT+qrPSyiBrGcV72nz1Z50HajDHfQsP/jCu67PO/hUwbqMK9MCXgX6QOiBWw/x7b3Q5A4AIe3lc/jURbNkIxLeRTkNke7d1rCTYaYlzkFdC7tMOY1+WEXvc7sH792yDvoHWX+Kt1NpLgAAohwczOyU8tXSdGmRF2UxmF+3fqaU9cuOMPuuXudb4iUiUbSN/D7Ez9dXxvsmopS5QVBgQgKBUxlweMIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5MQU4xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0MzNaFw0yMDA5MjAxMjM0MzNaMDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LlfSo5nNY8E+uscKNajhKXEn5CfMbcqOZw4LM5INuSDLR8d7PlnS6pSC4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L/Wya8uloCLq8Qp52sq7T/xrVoIGQZdM5Vw86JjqwtBnZrc01cdYk9xrygo/CQC/zSJ9ncz8wnLn7iCOAXA+rkZ8s6H98TeR/voTdjxT7vPEonM98b/aotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl/rzbrrZ8tCGqk5T1mbjsY0q0xNW4uI9cC195J+KH7TZv3gXQFtB4GWay/aMO2HP225pKDzn9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwIDAQABo4GaMIGXMB8GA1UdIwQYMBaAFNjebhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG9w0BAQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvldG8TXKTKOMsjIgWKc1WQgVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJtAQV7NWBRCbRaR+27sPb5F3VxROFO73XkVSgTUDANhNMRsRJqMaa1uP5QiIu93bqhUgtSeruKrQxku21b06JmAa3ZFttebbceOGaX2E/Bn3sBUkvalYU/Xe0m42zg6SXDe55iFKxAYRsQM7DqUmnhPiNv9J+QphqrpOdytTOVXAia/MyZTlj4/XPH8GxFoCR5a0Wr++78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyzEA</pkcs7> > <req/> > <panelname>importadmincert</panelname> ></response> >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/ca/getBySerial?&serialNumber=6&importCert=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/x-x509-user-cert >RESPONSE HEADER: Content-Length: 1809 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:42 GMT >RESPONSE HEADER: Connection: keep-alive >Cert to Import =MIIHDQYJKoZIhvcNAQcCoIIG/jCCBvoCAQExADAPBgkqhkiG9w0BBwGgAgQAoIIG >3jCCA14wggJGoAMCAQICAQYwDQYJKoZIhvcNAQELBQAwMTEPMA0GA1UEChMGRkku >TEFOMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTIwOTIwMTIz >NDQxWhcNMTQwOTEwMTIzNDQxWjAoMQ8wDQYDVQQKEwZGSS5MQU4xFTATBgNVBAMT >DGlwYS1jYS1hZ2VudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANin >DPPO9I1Dbvv+btA0k3s1I8FvxqdisE/eAfyG2rWfH3Nn8WUX+b6Dzptc8Zi3kO7W >3UQkzh4hzmW+DGVOv5RmPhro0ENcaukKB5wDuD2wYlVFk80Q+GAtcvh9GPobVeoZ >4FFcVvI6E0xoKl2Op3AT/LaBX2SQZ4NnUWGtWZmq4gbOVaOfB5rCICW6Xz1fnCCU >4ZBs2+WoWX6UC+xlsHL5//zWOBA5WeSxsZnwsHh3YKyzdKiBkY5noFa9JOllZjd/ >6qEwm27Je/Uwj7M85cWfHoUjlYjEeeA04wEh3uIoje9M3Dwx8DkJVhSrIHXS98lN >xlI+zK6Rk4lLVN91DMECAwEAAaOBiTCBhjAfBgNVHSMEGDAWgBTY3m4Ze4wBxueb >hRpnD6/LbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9m >aS5sYW46ODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYB >BQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQBogjCRB9/BXvCxwT+6 >2ParzJEXP0IR9RP7lJnimlyVxccSjkU5lAyxbTczuk1eH/ZYGhBgzaI6nZCZgw2B >r+0J9Nl0NFZaLlYUO6eiKzEwl352ugcY5nJ/IbUkYCT+qrPSyiBrGcV72nz1Z50H >ajDHfQsP/jCu67PO/hUwbqMK9MCXgX6QOiBWw/x7b3Q5A4AIe3lc/jURbNkIxLeR >TkNke7d1rCTYaYlzkFdC7tMOY1+WEXvc7sH792yDvoHWX+Kt1NpLgAAohwczOyU8 >tXSdGmRF2UxmF+3fqaU9cuOMPuuXudb4iUiUbSN/D7Ez9dXxvsmopS5QVBgQgKBU >xlweMIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZG >SS5MQU4xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAx >MjM0MzNaFw0yMDA5MjAxMjM0MzNaMDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UE >AxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A >MIIBCgKCAQEA4LlfSo5nNY8E+uscKNajhKXEn5CfMbcqOZw4LM5INuSDLR8d7Pln >S6pSC4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L/Wya8uloCLq8Qp52sq7T/xrV >oIGQZdM5Vw86JjqwtBnZrc01cdYk9xrygo/CQC/zSJ9ncz8wnLn7iCOAXA+rkZ8s >6H98TeR/voTdjxT7vPEonM98b/aotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl/r >zbrrZ8tCGqk5T1mbjsY0q0xNW4uI9cC195J+KH7TZv3gXQFtB4GWay/aMO2HP225 >pKDzn9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwIDAQABo4GaMIGXMB8GA1UdIwQYMBaA >FNjebhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ >BAQDAgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcB >AQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkq >hkiG9w0BAQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvl >dG8TXKTKOMsjIgWKc1WQgVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJt >AQV7NWBRCbRaR+27sPb5F3VxROFO73XkVSgTUDANhNMRsRJqMaa1uP5QiIu93bqh >UgtSeruKrQxku21b06JmAa3ZFttebbceOGaX2E/Bn3sBUkvalYU/Xe0m42zg6SXD >e55iFKxAYRsQM7DqUmnhPiNv9J+QphqrpOdytTOVXAia/MyZTlj4/XPH8GxFoCR5 >a0Wr++78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyzEA >Cert to Import =MIIHDQYJKoZIhvcNAQcCoIIG/jCCBvoCAQExADAPBgkqhkiG9w0BBwGgAgQAoIIG >3jCCA14wggJGoAMCAQICAQYwDQYJKoZIhvcNAQELBQAwMTEPMA0GA1UEChMGRkku >TEFOMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTIwOTIwMTIz >NDQxWhcNMTQwOTEwMTIzNDQxWjAoMQ8wDQYDVQQKEwZGSS5MQU4xFTATBgNVBAMT >DGlwYS1jYS1hZ2VudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANin >DPPO9I1Dbvv+btA0k3s1I8FvxqdisE/eAfyG2rWfH3Nn8WUX+b6Dzptc8Zi3kO7W >3UQkzh4hzmW+DGVOv5RmPhro0ENcaukKB5wDuD2wYlVFk80Q+GAtcvh9GPobVeoZ >4FFcVvI6E0xoKl2Op3AT/LaBX2SQZ4NnUWGtWZmq4gbOVaOfB5rCICW6Xz1fnCCU >4ZBs2+WoWX6UC+xlsHL5//zWOBA5WeSxsZnwsHh3YKyzdKiBkY5noFa9JOllZjd/ >6qEwm27Je/Uwj7M85cWfHoUjlYjEeeA04wEh3uIoje9M3Dwx8DkJVhSrIHXS98lN >xlI+zK6Rk4lLVN91DMECAwEAAaOBiTCBhjAfBgNVHSMEGDAWgBTY3m4Ze4wBxueb >hRpnD6/LbntfIzA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9m >aS5sYW46ODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYB >BQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQBogjCRB9/BXvCxwT+6 >2ParzJEXP0IR9RP7lJnimlyVxccSjkU5lAyxbTczuk1eH/ZYGhBgzaI6nZCZgw2B >r+0J9Nl0NFZaLlYUO6eiKzEwl352ugcY5nJ/IbUkYCT+qrPSyiBrGcV72nz1Z50H >ajDHfQsP/jCu67PO/hUwbqMK9MCXgX6QOiBWw/x7b3Q5A4AIe3lc/jURbNkIxLeR >TkNke7d1rCTYaYlzkFdC7tMOY1+WEXvc7sH792yDvoHWX+Kt1NpLgAAohwczOyU8 >tXSdGmRF2UxmF+3fqaU9cuOMPuuXudb4iUiUbSN/D7Ez9dXxvsmopS5QVBgQgKBU >xlweMIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZG >SS5MQU4xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAx >MjM0MzNaFw0yMDA5MjAxMjM0MzNaMDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UE >AxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A >MIIBCgKCAQEA4LlfSo5nNY8E+uscKNajhKXEn5CfMbcqOZw4LM5INuSDLR8d7Pln >S6pSC4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L/Wya8uloCLq8Qp52sq7T/xrV >oIGQZdM5Vw86JjqwtBnZrc01cdYk9xrygo/CQC/zSJ9ncz8wnLn7iCOAXA+rkZ8s >6H98TeR/voTdjxT7vPEonM98b/aotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl/r >zbrrZ8tCGqk5T1mbjsY0q0xNW4uI9cC195J+KH7TZv3gXQFtB4GWay/aMO2HP225 >pKDzn9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwIDAQABo4GaMIGXMB8GA1UdIwQYMBaA >FNjebhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ >BAQDAgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcB >AQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkq >hkiG9w0BAQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvl >dG8TXKTKOMsjIgWKc1WQgVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJt >AQV7NWBRCbRaR+27sPb5F3VxROFO73XkVSgTUDANhNMRsRJqMaa1uP5QiIu93bqh >UgtSeruKrQxku21b06JmAa3ZFttebbceOGaX2E/Bn3sBUkvalYU/Xe0m42zg6SXD >e55iFKxAYRsQM7DqUmnhPiNv9J+QphqrpOdytTOVXAia/MyZTlj4/XPH8GxFoCR5 >a0Wr++78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyzEA >CRYPTO INIT WITH CERTDB:/tmp/tmp-56Kk3t >Crypto manager already initialized >importCert string: importing with nickname: ipa-ca-agent >Already logged into to DB >SUCCESS: imported admin user cert >############################################# >Attempting to connect to: fi.lan:9445 >Connected. >Posting Query = https://fi.lan:9445//ca/admin/console/config/wizard?p=17&op=next&xml=true&caHost=%2F&caPort=%2F >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 20 Sep 2012 12:34:44 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <port>443</port> > <panel>admin/console/config/donepanel.vm</panel> > <res/> > <initCommand>/bin/systemctl</initCommand> > <showApplyButton/> > <host>fi.lan</host> > <ca>true</ca> > <systemType>ca</systemType> > <caType>sdca</caType> > <instanceId>pki-cad@pki-ca.service</instanceId> > <updateStatus>success</updateStatus> > <lastpanel/> > <errorString/> > <size>19</size> > <info/> > <title>Done</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <externalCA>true</externalCA> > <p>18</p> > <name>CA Setup Wizard</name> > <req/> > <panelname>done</panelname> > <csstate>1</csstate> ></response> >caHost=fi.lan >caPort=443 >systemType=ca >Certificate System - CA Instance Configured. > >####################################################################### > >2012-09-20T12:34:44Z DEBUG stderr= >2012-09-20T12:34:44Z DEBUG completed creating ca instance >2012-09-20T12:34:44Z DEBUG duration: 31 seconds >2012-09-20T12:34:44Z DEBUG [4/18]: disabling nonces >2012-09-20T12:34:44Z DEBUG duration: 0 seconds >2012-09-20T12:34:44Z DEBUG [5/18]: creating CA agent PKCS#12 file in /root >2012-09-20T12:34:44Z DEBUG args=/usr/bin/pk12util -n ipa-ca-agent -o /root/ca-agent.p12 -d /tmp/tmp-56Kk3t -k /tmp/tmpPw46E7 -w /tmp/tmpPw46E7 >2012-09-20T12:34:44Z DEBUG stdout=pk12util: PKCS12 EXPORT SUCCESSFUL > >2012-09-20T12:34:44Z DEBUG stderr= >2012-09-20T12:34:44Z DEBUG duration: 0 seconds >2012-09-20T12:34:44Z DEBUG [6/18]: creating RA agent certificate database >2012-09-20T12:34:44Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -N >2012-09-20T12:34:44Z DEBUG stdout= >2012-09-20T12:34:44Z DEBUG stderr= >2012-09-20T12:34:44Z DEBUG duration: 0 seconds >2012-09-20T12:34:44Z DEBUG [7/18]: importing CA chain to RA certificate database >2012-09-20T12:34:44Z DEBUG args=/usr/bin/openssl pkcs7 -inform DER -print_certs >2012-09-20T12:34:44Z DEBUG stdout=subject=/O=FI.LAN/CN=Certificate Authority >issuer=/O=FI.LAN/CN=Certificate Authority >-----BEGIN CERTIFICATE----- >MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQKEwZGSS5M >QU4xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMjA5MjAxMjM0 >MzNaFw0yMDA5MjAxMjM0MzNaMDExDzANBgNVBAoTBkZJLkxBTjEeMBwGA1UEAxMV >Q2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB >CgKCAQEA4LlfSo5nNY8E+uscKNajhKXEn5CfMbcqOZw4LM5INuSDLR8d7PlnS6pS >C4BMBA6q3pqqP8THPwjqYmd0v02O5BofsR6L/Wya8uloCLq8Qp52sq7T/xrVoIGQ >ZdM5Vw86JjqwtBnZrc01cdYk9xrygo/CQC/zSJ9ncz8wnLn7iCOAXA+rkZ8s6H98 >TeR/voTdjxT7vPEonM98b/aotZA7Yai56b2Cmg1Bso0ViM5hLUBHMBMCRl/rzbrr >Z8tCGqk5T1mbjsY0q0xNW4uI9cC195J+KH7TZv3gXQFtB4GWay/aMO2HP225pKDz >n9Ov0KrtKtAqZThIEZf9Yfcq5sSUhwIDAQABo4GaMIGXMB8GA1UdIwQYMBaAFNje >bhl7jAHG55uFGmcPr8tue18jMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD >AgHGMB0GA1UdDgQWBBTY3m4Ze4wBxuebhRpnD6/LbntfIzA0BggrBgEFBQcBAQQo >MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9maS5sYW46ODAvY2Evb2NzcDANBgkqhkiG >9w0BAQsFAAOCAQEATRAHpxbCxQYgDc9c9HajO8uw7rnC17fhAIqAZnyAJRvldG8T >XKTKOMsjIgWKc1WQgVk9rASJyjIj3lrAy39VMZAqoix5QCLld2V2Pzv8dwJtAQV7 >NWBRCbRaR+27sPb5F3VxROFO73XkVSgTUDANhNMRsRJqMaa1uP5QiIu93bqhUgtS >eruKrQxku21b06JmAa3ZFttebbceOGaX2E/Bn3sBUkvalYU/Xe0m42zg6SXDe55i >FKxAYRsQM7DqUmnhPiNv9J+QphqrpOdytTOVXAia/MyZTlj4/XPH8GxFoCR5a0Wr >++78LixQXfAT0siZHyHHzF1wTfp6XtMGMSLVyw== >-----END CERTIFICATE----- > > >2012-09-20T12:34:44Z DEBUG stderr= >2012-09-20T12:34:44Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -A -t CT,C,C -n FI.LAN IPA CA -a -i /tmp/tmpKUMjZD >2012-09-20T12:34:44Z DEBUG stdout= >2012-09-20T12:34:44Z DEBUG stderr= >2012-09-20T12:34:44Z DEBUG duration: 0 seconds >2012-09-20T12:34:44Z DEBUG [8/18]: fixing RA database permissions >2012-09-20T12:34:44Z DEBUG duration: 0 seconds >2012-09-20T12:34:44Z DEBUG [9/18]: setting up signing cert profile >2012-09-20T12:34:44Z DEBUG duration: 0 seconds >2012-09-20T12:34:44Z DEBUG [10/18]: set up CRL publishing >2012-09-20T12:34:45Z DEBUG args=/usr/sbin/selinuxenabled >2012-09-20T12:34:45Z DEBUG stdout= >2012-09-20T12:34:45Z DEBUG stderr= >2012-09-20T12:34:45Z DEBUG args=/sbin/restorecon /var/lib/pki-ca/publish >2012-09-20T12:34:45Z DEBUG stdout= >2012-09-20T12:34:45Z DEBUG stderr= >2012-09-20T12:34:45Z DEBUG duration: 0 seconds >2012-09-20T12:34:45Z DEBUG [11/18]: set certificate subject base >2012-09-20T12:34:45Z DEBUG duration: 0 seconds >2012-09-20T12:34:45Z DEBUG [12/18]: enabling Subject Key Identifier >2012-09-20T12:34:45Z DEBUG duration: 0 seconds >2012-09-20T12:34:45Z DEBUG [13/18]: configuring certificate server to start on boot >2012-09-20T12:34:45Z DEBUG args=/bin/systemctl is-enabled pki-cad.target >2012-09-20T12:34:45Z DEBUG stdout=disabled > >2012-09-20T12:34:45Z DEBUG stderr= >2012-09-20T12:34:45Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2012-09-20T12:34:45Z DEBUG duration: 0 seconds >2012-09-20T12:34:45Z DEBUG [14/18]: restarting certificate server >2012-09-20T12:34:46Z DEBUG args=/bin/systemctl restart pki-cad@pki-ca.service >2012-09-20T12:34:46Z DEBUG stdout= >2012-09-20T12:34:46Z DEBUG stderr= >2012-09-20T12:34:47Z DEBUG duration: 2 seconds >2012-09-20T12:34:47Z DEBUG [15/18]: requesting RA certificate from CA >2012-09-20T12:34:47Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -R -k rsa -g 2048 -s CN=IPA RA,O=FI.LAN -z /tmp/tmpXzXpFB -a >2012-09-20T12:34:47Z DEBUG stdout= >Certificate request generated by Netscape certutil >Phone: (not specified) > >Common Name: IPA RA >Email: (not specified) >Organization: FI.LAN >State: (not specified) >Country: (not specified) > >-----BEGIN NEW CERTIFICATE REQUEST----- >MIICZzCCAU8CAQAwIjEPMA0GA1UEChMGRkkuTEFOMQ8wDQYDVQQDEwZJUEEgUkEw >ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1R3Qw/fzVdTCTxPtXXjl4 >hzgTW9EZp9JLOouXIvoWD2ka5nFGezIO5xgfclar6D5ph/a64D8WnSI5hilIjRyD >oUdzuN+pMGPBoxyTItAWnT8HrJ5e2QZFMe2l5Y1L26mx5ENROKq+hX43ynyfkV38 >XHXLSSf26CIxTk9vKbNXJvy8XhgsSN8aZzUyqsEiCh3A3xiVfsQ7cr/9Wqa34f4G >jMPn6YuQZZhHJNjXDC81TVn2lzW66Ub9sYzV92Aw05rJ5t/rJcLpuxTKh+HePh2D >kmYCif6wUoOKnnhWeSAE41RF6N21EKPl3su/XouGEMWaJl9QJAzbuCMt72JBRqY5 >AgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEANgv+bW8dfwCPdH3v1r6e41xzSprQ >JAn9+sbxr8pkMt2jLKQYYFSwOTlzSr7RCCUdvN8F+cvNL3mvOaks8nv7T85Fzmk1 >HMCF2d49GxR1JSx6wXbpoUyNcUV+wwssnfZXZgpR/C/iObmjKsG499Oi6popSTxq >4y3MAHWGvLGvKZzsMwh3pHFufNETV53uOgknhi/CU0YMkMZ2a4N6/hT281eJdtW+ >AnxdEkMf/ImLNegqUQx4nFmM9qmBfrJJvavnpc3Ppx2lUZ2kWa6OEnQq/xnjqOt2 >gjwdJRs+lRw7Ok4bWl+UwB+uOE+tfZrsJNCssbmFgEJ7xWhS26Md06fixA== >-----END NEW CERTIFICATE REQUEST----- > >2012-09-20T12:34:47Z DEBUG stderr= > >Generating key. This may take a few moments... > > >2012-09-20T12:34:51Z DEBUG duration: 3 seconds >2012-09-20T12:34:51Z DEBUG [16/18]: issuing RA agent certificate >2012-09-20T12:34:51Z DEBUG args=/usr/bin/certutil -d /tmp/tmp-56Kk3t -f XXXXXXXX -M -t CT,C,C -n Certificate Authority - FI.LAN >2012-09-20T12:34:51Z DEBUG stdout= >2012-09-20T12:34:51Z DEBUG stderr= >2012-09-20T12:34:51Z DEBUG args=/usr/bin/sslget -v -n ipa-ca-agent -p XXXXXXXX -d /tmp/tmp-56Kk3t -r /ca/agent/ca/profileReview?requestId=7 fi.lan:9443 >2012-09-20T12:34:51Z DEBUG stdout= >2012-09-20T12:34:51Z DEBUG stderr=GET /ca/agent/ca/profileReview?requestId=7 HTTP/1.0 > >port: 9443 >addr='fi.lan' >family='10' >exit after PR_Connect with error -5987: > >2012-09-20T12:34:51Z DEBUG Command '/usr/bin/sslget -v -n ipa-ca-agent -p XXXXXXXX -d /tmp/tmp-56Kk3t -r /ca/agent/ca/profileReview?requestId=7 fi.lan:9443' returned non-zero exit status 6 > File "/sbin/ipa-server-install", line 1100, in <module> > rval = main() > > File "/sbin/ipa-server-install", line 888, in main > subject_base=options.subject) > > File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 531, in configure_instance > self.start_creation("Configuring certificate server", 210) > > File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 257, in start_creation > method() > > File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 743, in __issue_ra_cert > (stdout, stderr, returncode) = ipautil.run(args, nolog=(self.admin_password,)) > > File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 304, in run > raise CalledProcessError(p.returncode, args) >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=614879">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 859043
: 614879 |
614881
|
740185