AnsweredAssumed Answered

Importing certificate with pdm_pki

Question asked by JussiValkonen on Jan 14, 2019
Latest reply on Jan 14, 2019 by JussiValkonen

Has anyone figured out how to use pdm_pki to import certificates from an external source? The help for the command says:

usage: pdm_pki -p policy_code [-f] [-l certificate] [-h]

        -p unique policy code
        -f force replacement
        -l load public key stored in a X509 V3 certificate
        -h print usage

but regardless of what I do I don't manage to move an existing and working login policy certificate from one environment to another and end up with the error

Unable to load the certificate file <filename>

I know I can copy the database values from one environment to another and that will work around the issue with pdm_pki but the ultimate goal is to be able to import signed certificates from my organisation's PKI authority instead of using the self-signed certs the pdm_pki generates.

I've exported the cert with the Java keytool and used openssl to extract the public key but so far no luck. The pdm_pki documentation is seriously lacking so it offers no help.

Assume I have access to openssl and anything that ships with SDM 17.1 on a Windows platform.