CMC_USER_SIGNED_REQUEST_SIG_VERIFY Audit Event - dogtagpki/pki GitHub Wiki

Overview

The CMC_USER_SIGNED_REQUEST_SIG_VERIFY audit event is generated when CMC (user-signed or self-signed) a certificate enrollment or revocation request is submitted and the signature is verified.

By default only failed events will be logged. To log all events, remove the following parameter from CS.cfg:

log.instance.SignedAudit.filters.CMC_USER_SIGNED_REQUEST_SIG_VERIFY=(Outcome=*)

Examples

For exampe, submit a certificate enrollment request with CMC shared token:

  • Install CA.

  • Remove log.instance.SignedAudit.filters.CMC_USER_SIGNED_REQUEST_SIG_VERIFY parameter from CS.cfg.

  • Create issuance protection certificate.

  • Configure CMC shared token authentication.

  • Generate CMC shared token.

  • Issue certificate with CMC shared token.

The server will generate the following event:

[AuditEvent=CMC_USER_SIGNED_REQUEST_SIG_VERIFY][SubjectID=CN=PKI Administrator,E
[email protected],OU=pki-tomcat,O=EXAMPLE][Outcome=Success][ReqType=enrollmen
t][CertSubject=UID=testuser][SignerInfo=$Unidentified$] User signed CMC request
signature verification success

See Also

Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
⚠️ **GitHub.com Fallback** ⚠️