Issuing KRA Transport Certificate with PKI NSS - dogtagpki/pki GitHub Wiki

Issuing Certificate

To issue a certificate, prepare a certificate extension configuration in a file (e.g. kra_transport.conf):

authorityKeyIdentifier = keyid:always
keyUsage               = critical, digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage       = clientAuth

To issue a certificate signed by a CA certificate, specify the CA certificate nickname:

$ pki nss-cert-issue \
    --issuer ca_signing \
    --csr kra_transport.csr \
    --ext kra_transport.conf \
    --cert kra_transport.crt

Availability: PKI 10.9

See Also

Tip	To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.

⚠️ GitHub.com Fallback ⚠️