SCEP Server Error : "failed to sign CSR" #234
Comments
|
Which client is this? Does this work with the as-shipped scepclient? Thanks! |
|
No, it is not a micromdm scep client. we have our client and it is running fine with Microsoft and cisco scep sever. we are testing micromdm scep server and it is failing for us. |
|
MIght be worth trying mysqlscepserver over using the default file store. Seems like you might be having issues with the file store. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Not able to sign the client CSR certificate.
server side error.
{"caller":"scep.go:278","level":"debug","msg":"parsed scep pkiMessage","scep_message_type":"PKCSReq (19)","transaction_id":"D6CA8D501DA6EBEB4C694DC6FD7CE1B2","ts":"2024-06-10T19:32:24.8241114Z"}
{"caller":"scep.go:355","has_challenge":true,"level":"debug","msg":"decrypt pkiEnvelope","ts":"2024-06-10T19:32:24.8254487Z"}
{"caller":"service.go:88","err":"open depot\serial: The file exists.","msg":"failed to sign CSR","ts":"2024-06-10T19:32:24.8453609Z"}
SCEP client side error.
pkistatus: FAILURE
finding attribute failInfo
[int get_signed_attribute(struct stack_st_X509_ATTRIBUTE *, int, int, char **):1231] ASN1 Type: found 19 given 19
allocating 1 bytes for attribute
[int pkcs7_unwrap(scepTransactionT *):1022] reason: Transaction not permitted or supported
finding attribute failInfoText
ASN.1 type not found rc(1)
failInfoText is NULL
pkcs7_unwrap fails with error = 1
enroll Sscep library call for enroll setup is failed.
The text was updated successfully, but these errors were encountered: