forked from freeipa/freeipa
-
Notifications
You must be signed in to change notification settings - Fork 0
PKI Certificates
Endi S. Dewata edited this page Jun 13, 2022
·
9 revisions
In IPA environment the CA admin certificate is stored in /root/.dogtag/pki-tomcat/ca_admin.cert.
$ openssl x509 -text -noout -in /root/.dogtag/pki-tomcat/ca_admin.cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: O = EXAMPLE.COM, CN = Certificate Authority
Validity
Not Before: Jun 13 21:11:38 2022 GMT
Not After : Jun 2 21:11:38 2024 GMT
Subject: O = EXAMPLE.COM, CN = ipa-ca-agent
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a1:a8:7c:3a:16:85:66:6b:ca:67:98:36:6e:c0:
a1:0a:56:77:a8:e1:1f:e0:16:04:f2:a3:24:0a:dd:
4c:a6:a7:3e:6a:ef:4b:41:0c:b9:91:e7:2f:5a:93:
15:0e:96:c9:cc:21:2d:40:d4:c7:9b:21:0c:04:2b:
5c:ba:b0:b7:d3:5c:27:25:ce:fc:88:53:88:08:16:
6d:ae:83:a2:98:91:6f:01:80:27:78:9d:90:4a:dc:
20:23:be:4d:b7:60:f9:9e:93:42:94:31:b8:e6:cc:
07:95:50:d7:44:c0:0d:2c:bd:67:2e:24:59:24:58:
97:e3:fa:37:7c:71:12:91:db:a7:24:8f:17:e8:5f:
90:f5:e3:39:25:75:71:c5:97:ac:27:1a:c0:16:4c:
71:69:a4:bf:bf:f7:d9:23:13:df:9b:97:40:85:e1:
2a:0f:ff:bb:8a:2a:9e:9e:2c:da:4d:c2:17:01:e5:
d1:82:1e:f5:49:90:ab:cd:dd:03:df:10:c8:50:0e:
49:28:a3:13:fa:50:a6:ac:0f:ed:f7:14:c6:4b:d5:
03:53:3e:42:eb:49:05:65:1d:17:0a:c4:39:1d:7f:
7f:d5:7f:b1:90:b0:0d:fb:1a:9a:94:cc:f2:74:79:
0b:38:b1:1b:9b:82:bf:d6:96:62:ca:7d:b7:75:9d:
43:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
B9:A2:91:05:0B:E5:DD:00:2E:1A:64:DD:26:DC:D3:A1:43:DA:8C:C3
Authority Information Access:
OCSP - URI:http://ipa-ca.example.com/ca/ocsp
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
84:8c:9a:b2:a2:35:3e:0a:13:c3:e5:60:b4:94:bf:67:2a:6e:
12:f3:65:1b:f3:4e:a9:3c:83:80:5a:e2:17:b9:22:f2:4d:67:
c4:ce:95:26:19:ef:00:b2:05:33:d3:ae:f7:d3:88:9d:d2:ea:
30:28:67:fa:a5:0d:4c:15:df:f0:73:6f:34:d6:92:64:2c:e9:
6b:27:2d:31:cd:18:d4:34:be:13:24:73:a6:0a:d9:dc:f8:3d:
72:9f:87:e7:5f:cf:60:a1:a1:48:74:a0:68:b8:33:7f:81:28:
37:42:f1:55:85:44:3e:e1:f1:bf:3a:3b:91:c8:03:01:9b:46:
50:18:33:d1:0a:92:18:85:90:99:7d:ed:c7:ac:a1:07:e4:31:
4a:77:09:d6:0c:b7:4d:14:6c:2d:77:f1:15:f6:39:3e:7d:c4:
8e:62:d2:a8:46:9a:4c:a6:e9:c2:53:0d:81:8c:ba:be:ac:66:
c6:a1:8f:94:33:09:c8:40:a9:f0:78:ae:14:17:c7:0b:76:47:
b0:df:90:fa:60:d2:b0:d1:27:6a:9b:f3:c8:62:87:c0:92:f9:
75:c2:70:23:61:44:48:e6:a3:ea:f5:e0:c8:ce:e3:b7:1b:17:
22:b7:22:ec:c3:ac:59:d1:93:ef:67:fa:ae:b6:a7:02:5a:d7:
f3:7f:10:0a:d3:7b:aa:6c:fc:80:50:c4:d0:b8:d7:08:94:98:
f6:07:c1:6a:02:c4:18:77:2a:2a:37:0d:0c:5b:ad:9d:04:be:
1c:44:79:cd:92:0e:35:08:53:ab:e7:63:cc:d0:98:6b:ed:fa:
8a:4e:c8:6e:71:23:e4:6e:44:61:e9:94:f3:2d:12:3c:60:29:
9b:b3:6f:e8:62:0d:1f:ab:e9:62:67:c5:fc:e3:5c:31:73:51:
80:35:01:19:a6:b0:9b:9a:9c:d9:0e:19:89:ec:de:c5:6b:12:
7c:cf:c0:c4:ce:23:5a:6e:a9:77:5b:2c:5f:d9:1f:7f:da:fe:
1b:0c:0b:ca:48:a4