KRA Request Database - dogtagpki/pki GitHub Wiki

Request Container

dn: ou=kra,ou=requests,dc=kra,dc=pki,dc=example,dc=com
serialno: 010
ou: kra
objectClass: top
objectClass: repository
nextRange: 1000000001

Request Record

LDAP Attribute Description Indexed Searchable Examples

cn

Serial number in decimal

Yes

Yes

94847454507980301196091762688518657487

serialno

2-digit length + serial number in decimal

3894847454507980301196091762688518657487

requestType

Request type

netkeyKeygen, netkeyKeyRecovery, asymkeyGenRequest, symkeyGenRequest, archival, recovery, securityDataEnrollment, securityDataRecovery

requestState

Request status

begin, pending, approved, svc_pending, canceled, rejected, complete

Examples

Pending recovery request

dn: cn=94847454507980301196091762688518657487,ou=kra,ou=requests,dc=kra,dc=pki,dc=example,dc=com
objectClass: top
objectClass: request
objectClass: extensibleObject
requestId: 3894847454507980301196091762688518657487
requestState: svc_pending
dateOfCreate: 20240319024607Z
dateOfModify: 20240319024607Z
extdata-serialnumber: 35779142033966863150909375668561320944
extdata-requesttype: recovery
extdata-requestversion: 1.0.0
extdata-requestowner: kraadmin
extdata-updatedby: kraadmin
extdata-dbstatus: UPDATED
extdata-error: Invalid Key record
extdata-requeststatus: svc_pending
extdata-approvingagents: kraadmin
extdata-requestid: 94847454507980301196091762688518657487
extdata-result: 2
requestType: recovery
cn: 94847454507980301196091762688518657487

Approved recovery request

dn: cn=94847454507980301196091762688518657487,ou=kra,ou=requests,dc=kra,dc=pki,dc=example,dc=com
objectClass: top
objectClass: request
objectClass: extensibleObject
requestId: 3894847454507980301196091762688518657487
requestState: approved
dateOfCreate: 20240319024607Z
dateOfModify: 20240319024608Z
extdata-serialnumber: 35779142033966863150909375668561320944
extdata-requesttype: recovery
extdata-requestversion: 1.0.0
extdata-requestowner: kraadmin
extdata-updatedby: kraadmin
extdata-dbstatus: UPDATED
extdata-error: Invalid Key record
extdata-requeststatus: approved
extdata-approvingagents: kraadmin,kraadmin
extdata-requestid: 94847454507980301196091762688518657487
extdata-result: 2
requestType: recovery
cn: 94847454507980301196091762688518657487

Symmetric key generation request

dn: cn=64159505574576639561408812812801878724,ou=kra,ou=requests,dc=kra,dc=pki,dc=example,dc=com
objectClass: top
objectClass: request
objectClass: extensibleObject
requestId: 3864159505574576639561408812812801878724
requestState: complete
dateOfCreate: 20240319000939Z
dateOfModify: 20240319000939Z
extdata-keygenusages: sign
extdata-keygenalgorithm: AES
extdata-transwrappedsessionkey: null
extdata-strength: 256
extdata-requesttype: symkeyGenRequest
extdata-keygensize: 256
extdata-requestversion: 1.0.0
extdata-keyrecord: 90424714132443573452866290506742965666
extdata-requestowner: kraadmin
extdata-updatedby: kraadmin
extdata-algorithm: AES
extdata-dbstatus: UPDATED
extdata-clientkeyid: testkey
extdata-requeststatus: complete
extdata-requestid: 64159505574576639561408812812801878724
extdata-result: 1
requestType: symkeyGenRequest
cn: 64159505574576639561408812812801878724

Asymmetric key generation request

dn: cn=310524494216473260627530750359168967149,ou=kra,ou=requests,dc=kra,dc=pki,dc=example,dc=com
objectClass: top
objectClass: request
objectClass: extensibleObject
requestId: 39310524494216473260627530750359168967149
requestState: complete
dateOfCreate: 20240319001621Z
dateOfModify: 20240319001621Z
extdata-keygenusages: null
extdata-keygenalgorithm: RSA
extdata-serialnumber: 196643718199962579936556285760282162665
extdata-strength: 2048
extdata-requesttype: asymkeyGenRequest
extdata-keygensize: 2048
extdata-requestversion: 1.0.0
extdata-keyrecord: 196643718199962579936556285760282162665
extdata-requestowner: kraadmin
extdata-updatedby: kraadmin
extdata-algorithm: RSA
extdata-dbstatus: UPDATED
extdata-clientkeyid: testkey
extdata-requeststatus: complete
extdata-requestid: 310524494216473260627530750359168967149
extdata-result: 1
requestType: asymkeyGenRequest
cn: 310524494216473260627530750359168967149
⚠️ **GitHub.com Fallback** ⚠️