[root@f16-pki silent-configure]# ./kra-silent.bash | tee kra-config2.txt
+ kra_admin_port=10445
++ hostname
+ pki_host=f16-pki.test.com
++ hostname
+ pki_security_domain_host=f16-pki.test.com
+ pki_security_domain_admin_name=admin
+ pki_security_domain_admin_password=testpwd
+ kra_instance_name=pki-kra
+ ca_nonssl_port=9180
+ ca_agent_port=9443
+ ca_ee_port=9444
+ ca_admin_port=9445
+ pki_silent_security_database_repository=/var/tmp/testdb
+ pki_silent_security_database_password=testpwd
++ cat /var/lib/pki-kra/conf/CS.cfg
++ grep preop.pin
++ grep -v grep
++ awk -F= '{print $2}'
+ kra_preop_pin=PD1Bqd3q6xZGYdLvHDW6
+ pki_security_domain_name=silentdom
+ pki_silent_admin_user=admin
+ pki_silent_admin_password=testpwd
+ pki_silent_admin_email=pki-kra-admin@test.com
+ kra_agent_name=kra-agent
+ pki_ldap_host=localhost
+ pki_ldap_port=389
+ pki_bind_dn='cn=Directory\ Manager'
+ pki_bind_password=redhat
+ kra_base_dn=dc=f16-pki.test.com-pki-kra
+ kra_db_name=f16-pki.test.com-pki-kra
+ kra_key_size=2048
+ kra_key_type=rsa
+ kra_token_name=internal
+ kra_token_password=testpwd
+ kra_agent_key_size=2048
+ kra_agent_key_type=rsa
+ kra_agent_cert_subject='cn=KRA\ Administrator\ of\ Instance\ pki-kra,uid=admin,e=pki-kra-admin@test.com,o=silentdom'
+ kra_subsystem_name='Data\ Recovery\ Manager'
+ kra_backup_password=testpwd
+ kra_transport_cert_subject_name='cn=DRM\ Transport\ Certificate,o=silentdom'
+ kra_subsystem_cert_subject_name='cn=DRM\ Subsystem\ Certificate,o=silentdom'
+ kra_storage_cert_subject_name='cn=DRM\ Storage\ Certificate,o=silentdom'
+ kra_server_cert_subject_name=cn=f16-pki.test.com,o=silentdom
+ kra_audit_signing_cert_subject_name='cn=DRM\ Audit\ Signing\ Certificate,o=silentdom'
+ pki_silent_kra_log=/tmp/pki-silent-kra-log
+ tee /tmp/pki-silent-kra-log
+ pkisilent ConfigureDRM -cs_hostname f16-pki.test.com -cs_port 10445 -sd_hostname f16-pki.test.com -sd_ssl_port 9444 -sd_agent_port 9443 -sd_admin_port 9445 -sd_admin_name admin -sd_admin_password testpwd -ca_hostname f16-pki.test.com -ca_port 9180 -ca_ssl_port 9444 -client_certdb_dir /var/tmp/testdb -client_certdb_pwd redhat -preop_pin PD1Bqd3q6xZGYdLvHDW6 -domain_name silentdom -admin_user admin -admin_password redhat -admin_email pki-kra-admin@test.com -agent_name kra-agent -ldap_host localhost -ldap_port 389 -bind_dn 'cn=Directory\ Manager' -bind_password redhat -base_dn dc=f16-pki.test.com-pki-kra -db_name f16-pki.test.com-pki-kra -key_size 2048 -key_type rsa -token_name internal -token_pwd redhat -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject 'cn=KRA\ Administrator\ of\ Instance\ pki-kra,uid=admin,e=pki-kra-admin@test.com,o=silentdom' -subsystem_name 'Data\' 'Recovery\' Manager -backup_pwd redhat -drm_transport_cert_subject_name 'cn=DRM\ Transport\ Certificate,o=silentdom' -drm_subsystem_cert_subject_name 'cn=DRM\ Subsystem\ Certificate,o=silentdom' -drm_storage_cert_subject_name 'cn=DRM\ Storage\ Certificate,o=silentdom' -drm_server_cert_subject_name cn=f16-pki.test.com,o=silentdom -drm_audit_signing_cert_subject_name 'cn=DRM\ Audit\ Signing\ Certificate,o=silentdom'
libpath=/usr/lib64
#######################################################################
CRYPTO INIT WITH CERTDB:/var/tmp/testdb
tokenpwd:testpwd
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
in TestCertApprovalCallback.approve()
Peer cert details:
subject: CN=f16-pki.test.com,O=2012-02-01 09:26:18
issuer: CN=f16-pki.test.com,O=2012-02-01 09:26:18
serial: 0
item 1 reason=-8156 depth=1
cert details:
subject: CN=f16-pki.test.com,O=2012-02-01 09:26:18
issuer: CN=f16-pki.test.com,O=2012-02-01 09:26:18
serial: 0
item 2 reason=-8172 depth=1
cert details:
subject: CN=f16-pki.test.com,O=2012-02-01 09:26:18
issuer: CN=f16-pki.test.com,O=2012-02-01 09:26:18
serial: 0
importing certificate.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/login?pin=PD1Bqd3q6xZGYdLvHDW6&xml=true
RESPONSE STATUS: HTTP/1.1 302 Moved Temporarily
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Set-Cookie: JSESSIONID=8C417497671869EDB54CAC814E234761; Path=/kra; Secure
RESPONSE HEADER: Location: https://f16-pki.test.com:10445/kra/admin/console/config/wizard
RESPONSE HEADER: Content-Type: text/html;charset=UTF-8
RESPONSE HEADER: Content-Length: 0
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:51:38 GMT
RESPONSE HEADER: Connection: keep-alive
xml returned:
cookie list: JSESSIONID=8C417497671869EDB54CAC814E234761; Path=/kra; Secure
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=0&op=next&xml=true
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:51:38 GMT
RESPONSE HEADER: Connection: close
admin/console/config/modulepanel.vm
display
2
NSS Internal PKCS #11 Module
NSS Internal PKCS #11 Module
../img/clearpixel.gif
nfast
nCipher's nFast Token Hardware Module
../img/clearpixel.gif
lunasa
SafeNet's LunaSA Token Hardware Module
../img/clearpixel.gif
16
Key Store
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
1
DRM Setup Wizard
Internal Key Storage Token
module
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=1&op=next&xml=true&choice=Internal+Key+Storage+Token
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:51:48 GMT
RESPONSE HEADER: Connection: close
f16-pki.test.com
admin/console/config/securitydomainpanel.vm
/usr/bin/pkicontrol
Test Domain
https://f16-pki.test.com:9445
10180
DRM
Security Domain
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
https://f16-pki.test.com:9445
checked
DRM Setup Wizard
10444
10445
securitydomain
10443
KRA
ca pki-krad@pki-kra.service
success
16
3
DRM Setup Wizard
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?sdomainURL=https%3A%2F%2Ff16-pki.test.com%3A9445&choice=existingdomain&p=3&op=next&xml=true
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:51:59 GMT
RESPONSE HEADER: Connection: close
admin/console/config/displaycertchainpanel.vm
KRA
success
https://f16-pki.test.com:9445
16
DRM
Certificate:
Data:
Version: v3
Serial Number: 0x1
Signature Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Issuer: CN=Certificate Authority-ca,O=silentdom
Validity:
Not Before: Wednesday, February 1, 2012 9:22:12 AM EST US/Eastern
Not After: Saturday, February 1, 2020 9:22:12 AM EST US/Eastern
Subject: CN=Certificate Authority-ca,O=silentdom
Subject Public Key Info:
Algorithm: RSA - 1.2.840.113549.1.1.1
Public Key:
Exponent: 65537
Public Key Modulus: (2048 bits) :
E1:D5:C9:ED:28:56:5B:BF:46:0C:F8:93:6F:09:5F:B2:
74:82:61:E7:E5:70:91:24:56:09:85:8B:9D:B6:8F:12:
E0:85:83:EB:E5:63:E6:65:C3:DD:E0:8B:FB:53:08:76:
BF:9B:83:86:6D:DD:86:35:7A:14:A1:4F:B9:1B:74:E9:
E1:77:5E:1D:73:94:FC:A2:EA:2B:9F:EE:88:62:65:22:
13:DA:57:5A:A5:4C:68:5F:FA:B0:D2:5E:66:68:20:94:
AC:12:F8:8C:94:E3:F4:09:6B:60:A2:C2:D5:47:1B:27:
74:D0:8B:1F:FA:67:75:D7:5C:96:68:E6:F9:FB:BC:B1:
49:00:AD:CA:ED:65:22:CB:95:D5:EB:DB:68:A8:65:D6:
D7:C6:58:D4:BD:6F:34:A0:F1:F1:2E:DB:BC:92:49:0D:
BF:31:03:AB:38:6F:C6:02:65:1A:66:3F:DB:31:E3:CD:
AC:A1:27:DD:36:83:1A:D3:F1:B7:8E:93:9C:96:49:3D:
DC:54:FA:F1:83:CF:88:C7:FC:7E:62:8D:4D:6B:1A:43:
29:1A:0B:5A:92:62:AD:B9:57:B7:03:75:48:68:D0:91:
A6:58:86:64:D2:FF:B3:F3:FD:58:55:11:09:5A:E8:46:
62:91:FC:78:DB:16:B0:E3:03:4C:3A:60:E4:61:00:33
Extensions:
Identifier: Authority Key Identifier - 2.5.29.35
Critical: no
Key Identifier:
43:AC:F6:30:91:3A:B5:87:0C:A2:D4:AF:2A:61:6D:E5:
E7:61:E2:1A
Identifier: Basic Constraints - 2.5.29.19
Critical: yes
Is CA: yes
Path Length Constraint: UNLIMITED
Identifier: Key Usage: - 2.5.29.15
Critical: yes
Key Usage:
Digital Signature
Non Repudiation
Key CertSign
Crl Sign
Identifier: Subject Key Identifier - 2.5.29.14
Critical: no
Key Identifier:
43:AC:F6:30:91:3A:B5:87:0C:A2:D4:AF:2A:61:6D:E5:
E7:61:E2:1A
Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1
Critical: no
Access Description:
Method #0: ocsp
Location #0: URIName: http://f16-pki.test.com:9180/ca/ocsp
Signature:
Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Signature:
C4:31:28:94:EC:1C:00:35:B6:98:F0:85:67:59:D0:A2:
FC:19:F9:67:BF:54:49:B0:0C:67:40:0F:74:4B:07:AC:
62:36:31:7E:6A:FB:FF:C2:C9:84:63:4B:41:7D:A0:1F:
C5:5D:E9:7B:C7:52:10:C5:EF:6E:A7:39:03:43:E5:8D:
87:05:17:D2:84:AB:8A:1E:98:74:F8:D5:5D:81:AA:34:
29:DC:DD:CA:C3:99:B1:5E:B5:A6:03:8C:52:A1:C2:27:
18:F5:59:0D:96:BE:4E:C5:F2:D2:84:54:61:35:80:BB:
BF:3C:9B:25:15:9F:D5:4E:0C:D8:F6:F4:75:6A:44:80:
77:5C:6E:8E:BC:FF:1E:26:36:84:59:64:31:64:49:BD:
B7:5A:53:2C:A5:B8:16:D3:23:A1:8C:AB:EE:C3:AD:32:
C4:29:EE:8A:08:23:DA:B2:12:A1:78:0A:FF:E6:56:40:
9F:82:52:70:CF:F6:70:CB:9D:08:F0:72:D3:66:2E:B6:
87:D3:C9:D6:5C:7A:66:8B:2E:96:F7:C4:DC:D3:88:45:
60:62:94:90:84:76:52:7E:61:7B:B1:65:47:E5:1D:2F:
87:67:A1:81:8A:41:A4:AA:A5:28:17:52:27:82:0A:28:
40:D5:33:3A:25:3E:96:62:6E:6A:34:82:15:6D:68:E0
FingerPrint
MD2:
58:2E:94:4E:7A:2B:E6:62:21:70:4A:96:7E:9B:1E:22
MD5:
2D:91:1B:F1:DD:BD:08:23:48:9A:13:94:64:75:DA:EF
SHA1:
CE:53:FE:24:02:E3:91:C4:DE:4E:BE:12:EF:51:D6:65:
85:B2:2A:CF
SHA256:
7E:0D:EB:F8:63:27:E5:45:0D:E4:B5:80:0D:AC:30:35:
E2:9A:3C:EB:06:4A:A4:5A:41:DA:37:61:C0:4C:E3:33
SHA512:
DD:2C:12:A6:DD:E5:62:99:61:42:43:10:ED:F5:B9:3E:
3E:C3:2E:98:10:33:0B:29:A9:DF:67:CC:09:3A:60:67:
F1:70:25:54:B8:A6:54:97:D9:41:91:AD:5C:FF:C5:A6:
CC:FB:7F:7A:74:6A:B8:A7:69:1E:96:41:42:13:AB:FD
Display Certificate Chain
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
4
securitydomain
DRM Setup Wizard
DRM Setup Wizard
securitydomain
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=4&op=next&xml=true
RESPONSE STATUS: HTTP/1.1 302 Moved Temporarily
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Location: https://f16-pki.test.com:9445/ca/admin/ca/securityDomainLogin?url=https%3A%2F%2Ff16-pki.test.com%3A10445%2Fkra%2Fadmin%2Fconsole%2Fconfig%2Fwizard%3Fp%3D5%26subsystem%3DKRA
RESPONSE HEADER: Content-Type: text/html;charset=UTF-8
RESPONSE HEADER: Content-Length: 0
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:52:05 GMT
RESPONSE HEADER: Connection: keep-alive
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:9445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
in TestCertApprovalCallback.approve()
Peer cert details:
subject: CN=f16-pki.test.com,O=silentdom
issuer: CN=Certificate Authority-ca,O=silentdom
serial: 3
item 1 reason=-8172 depth=1
cert details:
subject: CN=Certificate Authority-ca,O=silentdom
issuer: CN=Certificate Authority-ca,O=silentdom
serial: 1
importing certificate.
Connected.
Posting Query = https://f16-pki.test.com:9445//ca/admin/ca/securityDomainLogin?url=https%3A%2F%2Ff16-pki.test.com%3A10445%2Fkra%2Fadmin%2Fconsole%2Fconfig%2Fwizard%3Fp%3D5%26subsystem%3DKRA
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: text/html;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:52:10 GMT
RESPONSE HEADER: Connection: close
#############################################
Attempting to connect to: f16-pki.test.com:9445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:9445//ca/admin/ca/getCookie?uid=admin&pwd=testpwd&url=https%3A%2F%2Ff16-pki.test.com%3A10445%2Fkra%2Fadmin%2Fconsole%2Fconfig%2Fwizard%3Fp%3D5%26subsystem%3DKRA
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: text/html
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:52:10 GMT
RESPONSE HEADER: Connection: close
KRA_SESSION_ID=5059245923089692478
KRA_URL=https://f16-pki.test.com:10445/kra/admin/console/config/wizard?p=5&subsystem=KRA
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=5&subsystem=KRA&session_id=5059245923089692478&xml=true
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: text/html;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:52:12 GMT
RESPONSE HEADER: Connection: close
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=5&op=next&xml=true&choice=newsubsystem&subsystemName=Data+Recovery+Manager
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:52:18 GMT
RESPONSE HEADER: Connection: close
admin/console/config/databasepanel.vm
new
(sensitive)
389
off
success
localhost
f16-pki.test.com-pki-kra
cn=Directory Manager
16
true
Internal Database
off
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
7
DRM Setup Wizard
dc=f16-pki.test.com-pki-kra
databasepanel
Sleeping for 5 secs..
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=7&op=next&xml=true&host=localhost&port=389&binddn=cn%3DDirectory+Manager&__bindpwd=redhat&basedn=dc%3Df16-pki.test.com-pki-kra&database=f16-pki.test.com-pki-kra&display=%24displayStr
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:52:37 GMT
RESPONSE HEADER: Connection: close
admin/console/config/sizepanel.vm
SHA256withEC,SHA1withEC,SHA384withEC,SHA512withEC
389
off
2048
true
Key Pairs
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
DRM Setup Wizard
sizepanel
SHA256withRSA,SHA1withRSA,SHA512withRSA,MD5withRSA,MD2withRSA
kra
(sensitive)
nistp256
success
root
localhost
nistp256 (secp256r1),nistp384 (secp384r1),nistp521 (secp521r1),nistk163 (sect163k1),sect163r1,nistb163 (sect163r2),sect193r1,sect193r2,nistk233 (sect233k1),nistb233 (sect233r1),sect239k1,nistk283 (sect283k1),nistb283 (sect283r1),nistk409 (sect409k1),nistb409 (sect409r1),nistk571 (sect571k1),nistb571 (sect571r1),secp160k1,secp160r1,secp160r2,secp192k1,nistp192 (secp192r1, prime192v1),secp224k1,nistp224 (secp224r1),secp256k1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2
nistp256,nistp384,nistp521,sect163k1,nistk163,sect163r1,sect163r2,nistb163,sect193r1,sect193r2,sect233k1,nistk233,sect233r1,nistb233,sect239k1,sect283k1,nistk283,sect283r1,nistb283,sect409k1,nistk409,sect409r1,nistb409,sect571k1,nistk571,sect571r1,nistb571,secp160k1,secp160r1,secp160r2,secp192k1,secp192r1,nistp192,secp224k1,secp224r1,nistp224,secp256k1,secp256r1,secp384r1,secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2
f16-pki.test.com-pki-kra
cn=Directory Manager
16
true
off
transportCert cert-pki-kra
Internal Key Storage Token
default
storageCert cert-pki-kra
Internal Key Storage Token
default
Server-Cert cert-pki-kra
Internal Key Storage Token
default
subsystemCert cert-pki-kra
Internal Key Storage Token
default
auditSigningCert cert-pki-kra
Internal Key Storage Token
default
8
dc=f16-pki.test.com-pki-kra
Sleeping for 5 secs..
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=8&op=next&xml=true&transport_custom_size=2048&storage_custom_size=2048&subsystem_custom_size=2048&sslserver_custom_size=2048&audit_signing_custom_size=2048&custom_size=2048&transport_custom_curvename=nistp256&storage_custom_curvename=nistp256&subsystem_custom_curvename=nistp256&sslserver_custom_curvename=nistp256&audit_signing_custom_curvename=nistp256&custom_curvename=nistp256&transport_keytype=rsa&storage_keytype=rsa&subsystem_keytype=rsa&sslserver_keytype=rsa&audit_signing_keytype=rsa&keytype=rsa&transport_choice=custom&storage_choice=custom&subsystem_choice=custom&sslserver_choice=custom&choice=custom&audit_signing_choice=custom&signingalgorithm=SHA256withRSA&transport_signingalgorithm=SHA256withRSA
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:53:16 GMT
RESPONSE HEADER: Connection: close
admin/console/config/namepanel.vm
Certificate Authority-ca - https://f16-pki.test.com:9444External CA
success
false
16
true
Subject Names
transportCert cert-pki-kra
Internal Key Storage Token
remote
CN=DRM Transport Certificate,OU=pki-kra,O=silentdom
storageCert cert-pki-kra
Internal Key Storage Token
remote
CN=DRM Storage Certificate,OU=pki-kra,O=silentdom
Server-Cert cert-pki-kra
Internal Key Storage Token
remote
CN=f16-pki.test.com,OU=pki-kra,O=silentdom
subsystemCert cert-pki-kra
Internal Key Storage Token
remote
CN=DRM Subsystem Certificate,OU=pki-kra,O=silentdom
auditSigningCert cert-pki-kra
Internal Key Storage Token
remote
CN=DRM Audit Signing Certificate,OU=pki-kra,O=silentdom
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
9
DRM Setup Wizard
namepanel
tag=DN value=CN=DRM Transport Certificate,OU=pki-kra,O=silentdom
tag=DN value=CN=DRM Storage Certificate,OU=pki-kra,O=silentdom
tag=DN value=CN=f16-pki.test.com,OU=pki-kra,O=silentdom
tag=DN value=CN=DRM Subsystem Certificate,OU=pki-kra,O=silentdom
tag=DN value=CN=DRM Audit Signing Certificate,OU=pki-kra,O=silentdom
default: drm_transport_cert_name=CN=DRM Transport Certificate,OU=pki-kra,O=silentdom
default: drm_storage_cert_name=CN=DRM Storage Certificate,OU=pki-kra,O=silentdom
default: drm_subsystem_cert_name=CN=DRM Subsystem Certificate,OU=pki-kra,O=silentdom
default: drm_audit_signing_cert_name=CN=DRM Audit Signing Certificate,OU=pki-kra,O=silentdom
default: server_cert_name=CN=f16-pki.test.com,OU=pki-kra,O=silentdom
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=9&op=next&xml=true&subsystem=cn%3DDRM+Subsystem+Certificate%2Co%3Dsilentdom&transport=cn%3DDRM+Transport+Certificate%2Co%3Dsilentdom&storage=cn%3DDRM+Storage+Certificate%2Co%3Dsilentdom&sslserver=cn%3Df16-pki.test.com%2Co%3Dsilentdom&audit_signing=cn%3DDRM+Audit+Signing+Certificate%2Co%3Dsilentdom&urls=https%3A%2F%2Ff16-pki.test.com%3A9444
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:54:22 GMT
RESPONSE HEADER: Connection: close
admin/console/config/certrequestpanel.vm
transportCert cert-pki-kra
Internal Key Storage Token
-----BEGIN CERTIFICATE REQUEST-----
MIICfTCCAWUCAQAwODESMBAGA1UEChMJc2lsZW50ZG9tMSIwIAYDVQQDExlEUk0gVHJhbnNwb3J0
IENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5z2tLLmB+ltym6q9
87Er6XxNPDbAS2fY/wF1ft2+lArHtZMdbiSF4afDeT/SkpJUPv91bnbiJJASy4UxQNnZuodsOCza
wJQ8g4wZG975p3XMoo9iyYMVIgqLDdSquktqPJ1O3fSETyPiwQMUGdI2V6bltJXTyGGBbJ/wI/7Z
x9i16eVQtGHaAYkhzJRP6hm3HTL7d8/bAxQeSByni1b87GXmqNRmwVXNXmt7zdZmDQoJ3coYJ+KQ
eFaNPVvf4l6RZq9x9G0Q7xNJDIIJ/LysHtogztnaCykZ80/3VUfq12JPfMlQhd8iKx+nOWbtFeJy
jBUz0UnZCUqUdLkGq069jwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAH1vlaNOkqbTBDXT2VQU
DuW1eLNZvPbxuhzbnpqBf3guLSl+PVDlXsGWDbE2+e+FDyjGRsl46BtmhTKuC2dYG8Fn47verbW2
X9eM/2ka7QIAXhXFDn17EQTwLQnE4u7G0lwCtId0xRdXvaYiW6x3E1h8i4qRZXXPiR9jGBnMfe7W
M+eY+IMxVaeet3Fyxryv6o/YWKT1DwicwJywjXUJlqn/WuAy7jpGXHHR39d2gaDwujY3G0MjlNPZ
gT/Q/LPaqKKRxFgykfBnKDTv9eF0RRHWtFhBN5MHbRibhrrPJTJvjvko/lrwL0a5oJhU27JUKIa0
71AMOkQyEdyIWzfFH7c=
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE-----
MIIDdjCCAl6gAwIBAgIBBzANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNDBaFw0xNDAxMjEx
NjUzNDBaMDgxEjAQBgNVBAoTCXNpbGVudGRvbTEiMCAGA1UEAxMZRFJNIFRyYW5zcG9ydCBDZXJ0
aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOc9rSy5gfpbcpuqvfOxK+l8
TTw2wEtn2P8BdX7dvpQKx7WTHW4kheGnw3k/0pKSVD7/dW524iSQEsuFMUDZ2bqHbDgs2sCUPIOM
GRve+ad1zKKPYsmDFSIKiw3UqrpLajydTt30hE8j4sEDFBnSNlem5bSV08hhgWyf8CP+2cfYtenl
ULRh2gGJIcyUT+oZtx0y+3fP2wMUHkgcp4tW/Oxl5qjUZsFVzV5re83WZg0KCd3KGCfikHhWjT1b
3+JekWavcfRtEO8TSQyCCfy8rB7aIM7Z2gspGfNP91VH6tdiT3zJUIXfIisfpzlm7RXicowVM9FJ
2QlKlHS5BqtOvY8CAwEAAaOBizCBiDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBA
BggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAv
Y2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEN
BQADggEBAOEx9n8s67OZeMYxbPY+BqbCVID1qmNmAuc+07RuYIuDvFX2jV22dNdQzorWcRBcWHu1
OUVGUDcdlWGKo2ze4U80fjA5OxtrrGzs6J+o5LiJwljsBBYpnFY59dw1zBTY01NHccgSBNEhDIJX
qbwOGmzT3Wf+c3XzP3TTyFqk5NHOah/0qtS8L9wsy2eImvw7d4J1eOw+wM5b8s2Bt5rhxowrzvEO
cGG06kHhiCAQgEty3cq7dXTgbJslMJylRbYk51MGu3nJcqy+oEj3HQ+C9f0n+Mu+LXFgaYVSkacF
G5JSq3DnKpcN1p1HNb4Ik1uzUbzKmtp2ttd4hUNR3Qfd7Lg=
-----END CERTIFICATE-----
remote
cn=DRM Transport Certificate,o=silentdom
Certificate:
Data:
Version: v3
Serial Number: 0x7
Signature Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Issuer: CN=Certificate Authority-ca,O=silentdom
Validity:
Not Before: Wednesday, February 1, 2012 11:53:40 AM EST US/Eastern
Not After: Tuesday, January 21, 2014 11:53:40 AM EST US/Eastern
Subject: CN=DRM Transport Certificate,O=silentdom
Subject Public Key Info:
Algorithm: RSA - 1.2.840.113549.1.1.1
Public Key:
Exponent: 65537
Public Key Modulus: (2048 bits) :
E7:3D:AD:2C:B9:81:FA:5B:72:9B:AA:BD:F3:B1:2B:E9:
7C:4D:3C:36:C0:4B:67:D8:FF:01:75:7E:DD:BE:94:0A:
C7:B5:93:1D:6E:24:85:E1:A7:C3:79:3F:D2:92:92:54:
3E:FF:75:6E:76:E2:24:90:12:CB:85:31:40:D9:D9:BA:
87:6C:38:2C:DA:C0:94:3C:83:8C:19:1B:DE:F9:A7:75:
CC:A2:8F:62:C9:83:15:22:0A:8B:0D:D4:AA:BA:4B:6A:
3C:9D:4E:DD:F4:84:4F:23:E2:C1:03:14:19:D2:36:57:
A6:E5:B4:95:D3:C8:61:81:6C:9F:F0:23:FE:D9:C7:D8:
B5:E9:E5:50:B4:61:DA:01:89:21:CC:94:4F:EA:19:B7:
1D:32:FB:77:CF:DB:03:14:1E:48:1C:A7:8B:56:FC:EC:
65:E6:A8:D4:66:C1:55:CD:5E:6B:7B:CD:D6:66:0D:0A:
09:DD:CA:18:27:E2:90:78:56:8D:3D:5B:DF:E2:5E:91:
66:AF:71:F4:6D:10:EF:13:49:0C:82:09:FC:BC:AC:1E:
DA:20:CE:D9:DA:0B:29:19:F3:4F:F7:55:47:EA:D7:62:
4F:7C:C9:50:85:DF:22:2B:1F:A7:39:66:ED:15:E2:72:
8C:15:33:D1:49:D9:09:4A:94:74:B9:06:AB:4E:BD:8F
Extensions:
Identifier: Authority Key Identifier - 2.5.29.35
Critical: no
Key Identifier:
43:AC:F6:30:91:3A:B5:87:0C:A2:D4:AF:2A:61:6D:E5:
E7:61:E2:1A
Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1
Critical: no
Access Description:
Method #0: ocsp
Location #0: URIName: http://f16-pki.test.com:9180/ca/ocsp
Identifier: Key Usage: - 2.5.29.15
Critical: yes
Key Usage:
Digital Signature
Non Repudiation
Key Encipherment
Data Encipherment
Identifier: Extended Key Usage: - 2.5.29.37
Critical: no
Extended Key Usage:
1.3.6.1.5.5.7.3.2
Signature:
Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Signature:
E1:31:F6:7F:2C:EB:B3:99:78:C6:31:6C:F6:3E:06:A6:
C2:54:80:F5:AA:63:66:02:E7:3E:D3:B4:6E:60:8B:83:
BC:55:F6:8D:5D:B6:74:D7:50:CE:8A:D6:71:10:5C:58:
7B:B5:39:45:46:50:37:1D:95:61:8A:A3:6C:DE:E1:4F:
34:7E:30:39:3B:1B:6B:AC:6C:EC:E8:9F:A8:E4:B8:89:
C2:58:EC:04:16:29:9C:56:39:F5:DC:35:CC:14:D8:D3:
53:47:71:C8:12:04:D1:21:0C:82:57:A9:BC:0E:1A:6C:
D3:DD:67:FE:73:75:F3:3F:74:D3:C8:5A:A4:E4:D1:CE:
6A:1F:F4:AA:D4:BC:2F:DC:2C:CB:67:88:9A:FC:3B:77:
82:75:78:EC:3E:C0:CE:5B:F2:CD:81:B7:9A:E1:C6:8C:
2B:CE:F1:0E:70:61:B4:EA:41:E1:88:20:10:80:4B:72:
DD:CA:BB:75:74:E0:6C:9B:25:30:9C:A5:45:B6:24:E7:
53:06:BB:79:C9:72:AC:BE:A0:48:F7:1D:0F:82:F5:FD:
27:F8:CB:BE:2D:71:60:69:85:52:91:A7:05:1B:92:52:
AB:70:E7:2A:97:0D:D6:9D:47:35:BE:08:93:5B:B3:51:
BC:CA:9A:DA:76:B6:D7:78:85:43:51:DD:07:DD:EC:B8
FingerPrint
MD2:
11:B1:4B:5C:EE:52:9C:0E:05:EF:C1:2D:5F:8F:43:1B
MD5:
03:01:AA:A2:8C:95:A5:11:1F:4B:64:5E:67:26:F1:1E
SHA1:
5F:C0:48:D7:75:39:C2:87:AC:07:32:BF:74:C2:7B:4F:
2D:FA:11:8A
SHA256:
C9:80:79:82:D1:DC:15:50:D8:BA:6A:A0:75:50:58:52:
7B:C1:F1:D5:82:F5:74:89:27:27:F6:F6:E2:65:49:D1
SHA512:
00:4D:15:1B:7C:CE:56:7C:24:02:86:3E:A1:19:CB:91:
04:1D:8F:AE:EA:11:0A:FE:52:E6:1A:E1:F2:5C:B2:00:
23:B5:58:E2:88:39:D9:19:55:96:3D:F7:E2:52:34:5E:
16:D0:7D:56:5B:84:93:82:D2:BB:28:16:7B:F8:C9:A1
storageCert cert-pki-kra
Internal Key Storage Token
-----BEGIN CERTIFICATE REQUEST-----
MIICezCCAWMCAQAwNjESMBAGA1UEChMJc2lsZW50ZG9tMSAwHgYDVQQDExdEUk0gU3RvcmFnZSBD
ZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANwyRYt7n/CUcY4LXXAm
3q4fLQ7g/T9Evuz/3i5PowQza3tmTGc7eD97IpacFiPrPSlnLmQszzlOFeq9xgPXMv8duLqvVuIF
69gSNKA+NhmxO84bK0cJ6UDsqjh7W6UVE5En8A3EvQHBR/q+XB7jRg17rx0UVG+KsmdBxNoJCtZF
HArmSGSQoC3coawZsOMNKhMLZHb7LxZWIbGh5xgDkj9yvbx7abF1kEKcXvkpVSOY4BoeXlf/91sf
QJdS10QnNAjR0JjUYvcUtKy7qO2aIwIK6viSVkWazhZBDq847WETYg34WwiY1Yq2/AZGzl+kZ0Z5
yC877s/DXkT7x/NngkMCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAJaYyP/9vZxz9SU1qsxKyB
QbdHfkctN6Q9ttDw2KPTuMl+5cdwSnXT/QOM5BTEMR4c7UMisHOkrH6DEqqmmmBfZJycFZYxqKPm
LUldocoHgIaESk1YfYpBh1Hu4hhpdixBkVPEXbnlZEa4x6ea7MvNlt8+BiKdcQrV/+uICsCgi1gt
RdoH0+q1Vdn2P9bv2/pcgxh6EQ2EEj5mwqyiuDuMj2Ni+unMgG2ZAP9jaH4DrgshwqO2SzdzxpxW
+Rt8j+OQ3k0DrikGMzMt9REAcKmDl3LUr6UpNlmHLPgYDd3v7SbNylPKwnsYqIY1nHrErU9emkGh
SYhNTlrZ6Q0505aq
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE-----
MIIDdDCCAlygAwIBAgIBCDANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNDlaFw0xNDAxMjEx
NjUzNDlaMDYxEjAQBgNVBAoTCXNpbGVudGRvbTEgMB4GA1UEAxMXRFJNIFN0b3JhZ2UgQ2VydGlm
aWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcMkWLe5/wlHGOC11wJt6uHy0O
4P0/RL7s/94uT6MEM2t7ZkxnO3g/eyKWnBYj6z0pZy5kLM85ThXqvcYD1zL/Hbi6r1biBevYEjSg
PjYZsTvOGytHCelA7Ko4e1ulFRORJ/ANxL0BwUf6vlwe40YNe68dFFRvirJnQcTaCQrWRRwK5khk
kKAt3KGsGbDjDSoTC2R2+y8WViGxoecYA5I/cr28e2mxdZBCnF75KVUjmOAaHl5X//dbH0CXUtdE
JzQI0dCY1GL3FLSsu6jtmiMCCur4klZFms4WQQ6vOO1hE2IN+FsImNWKtvwGRs5fpGdGecgvO+7P
w15E+8fzZ4JDAgMBAAGjgYswgYgwHwYDVR0jBBgwFoAUQ6z2MJE6tYcMotSvKmFt5edh4howQAYI
KwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vZjE2LXBraS50ZXN0LmNvbTo5MTgwL2Nh
L29jc3AwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA0GCSqGSIb3DQEBDQUA
A4IBAQDYU5nUd0Yhro/Dzh+136pvudurEVJRJ9KM4SXleGWimpQWDYfBttbvi064Od2+o7yWT1Ii
kAkJlA6FeGYJqlB5TAEhNuaqiDEvmlKpbN/k/BoXib//Uk6+bBYmqj5J3E8vdw6zmAzcnAjlaABp
4ribeLcT4s1DRZHFTwqiahx1y7B7j6qZlqxeXVEWACQqxotE6oODHjb1XWLgzNNL+i+j5HBC6wde
1Z19t9bAUtSROPz/nc4qkstuxGpP9UEqHTWzfoJgWdwrCVytVPKgcg5JlD2AKLK0VP9Y50vUhrzK
YznFI3lWZogKlSMggsXTyiAjIa8SmOMAZgffE9AwpH6j
-----END CERTIFICATE-----
remote
cn=DRM Storage Certificate,o=silentdom
Certificate:
Data:
Version: v3
Serial Number: 0x8
Signature Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Issuer: CN=Certificate Authority-ca,O=silentdom
Validity:
Not Before: Wednesday, February 1, 2012 11:53:49 AM EST US/Eastern
Not After: Tuesday, January 21, 2014 11:53:49 AM EST US/Eastern
Subject: CN=DRM Storage Certificate,O=silentdom
Subject Public Key Info:
Algorithm: RSA - 1.2.840.113549.1.1.1
Public Key:
Exponent: 65537
Public Key Modulus: (2048 bits) :
DC:32:45:8B:7B:9F:F0:94:71:8E:0B:5D:70:26:DE:AE:
1F:2D:0E:E0:FD:3F:44:BE:EC:FF:DE:2E:4F:A3:04:33:
6B:7B:66:4C:67:3B:78:3F:7B:22:96:9C:16:23:EB:3D:
29:67:2E:64:2C:CF:39:4E:15:EA:BD:C6:03:D7:32:FF:
1D:B8:BA:AF:56:E2:05:EB:D8:12:34:A0:3E:36:19:B1:
3B:CE:1B:2B:47:09:E9:40:EC:AA:38:7B:5B:A5:15:13:
91:27:F0:0D:C4:BD:01:C1:47:FA:BE:5C:1E:E3:46:0D:
7B:AF:1D:14:54:6F:8A:B2:67:41:C4:DA:09:0A:D6:45:
1C:0A:E6:48:64:90:A0:2D:DC:A1:AC:19:B0:E3:0D:2A:
13:0B:64:76:FB:2F:16:56:21:B1:A1:E7:18:03:92:3F:
72:BD:BC:7B:69:B1:75:90:42:9C:5E:F9:29:55:23:98:
E0:1A:1E:5E:57:FF:F7:5B:1F:40:97:52:D7:44:27:34:
08:D1:D0:98:D4:62:F7:14:B4:AC:BB:A8:ED:9A:23:02:
0A:EA:F8:92:56:45:9A:CE:16:41:0E:AF:38:ED:61:13:
62:0D:F8:5B:08:98:D5:8A:B6:FC:06:46:CE:5F:A4:67:
46:79:C8:2F:3B:EE:CF:C3:5E:44:FB:C7:F3:67:82:43
Extensions:
Identifier: Authority Key Identifier - 2.5.29.35
Critical: no
Key Identifier:
43:AC:F6:30:91:3A:B5:87:0C:A2:D4:AF:2A:61:6D:E5:
E7:61:E2:1A
Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1
Critical: no
Access Description:
Method #0: ocsp
Location #0: URIName: http://f16-pki.test.com:9180/ca/ocsp
Identifier: Key Usage: - 2.5.29.15
Critical: yes
Key Usage:
Digital Signature
Non Repudiation
Key Encipherment
Data Encipherment
Identifier: Extended Key Usage: - 2.5.29.37
Critical: no
Extended Key Usage:
1.3.6.1.5.5.7.3.2
Signature:
Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Signature:
D8:53:99:D4:77:46:21:AE:8F:C3:CE:1F:B5:DF:AA:6F:
B9:DB:AB:11:52:51:27:D2:8C:E1:25:E5:78:65:A2:9A:
94:16:0D:87:C1:B6:D6:EF:8B:4E:B8:39:DD:BE:A3:BC:
96:4F:52:22:90:09:09:94:0E:85:78:66:09:AA:50:79:
4C:01:21:36:E6:AA:88:31:2F:9A:52:A9:6C:DF:E4:FC:
1A:17:89:BF:FF:52:4E:BE:6C:16:26:AA:3E:49:DC:4F:
2F:77:0E:B3:98:0C:DC:9C:08:E5:68:00:69:E2:B8:9B:
78:B7:13:E2:CD:43:45:91:C5:4F:0A:A2:6A:1C:75:CB:
B0:7B:8F:AA:99:96:AC:5E:5D:51:16:00:24:2A:C6:8B:
44:EA:83:83:1E:36:F5:5D:62:E0:CC:D3:4B:FA:2F:A3:
E4:70:42:EB:07:5E:D5:9D:7D:B7:D6:C0:52:D4:91:38:
FC:FF:9D:CE:2A:92:CB:6E:C4:6A:4F:F5:41:2A:1D:35:
B3:7E:82:60:59:DC:2B:09:5C:AD:54:F2:A0:72:0E:49:
94:3D:80:28:B2:B4:54:FF:58:E7:4B:D4:86:BC:CA:63:
39:C5:23:79:56:66:88:0A:95:23:20:82:C5:D3:CA:20:
23:21:AF:12:98:E3:00:66:07:DF:13:D0:30:A4:7E:A3
FingerPrint
MD2:
26:FB:AF:41:A4:E6:BC:3B:05:CF:97:67:6A:21:3F:F5
MD5:
F7:98:16:14:D6:4E:3F:40:36:0C:A5:52:C1:90:D6:30
SHA1:
F6:A3:3C:FF:2D:7F:74:02:C6:87:DF:2F:D2:B3:C6:06:
95:98:BD:D6
SHA256:
B7:DC:F9:82:C4:FE:06:12:5B:9A:E5:A2:CB:AB:38:F4:
E2:0D:F4:AB:71:C5:4F:32:D3:14:73:9F:4C:39:55:46
SHA512:
4D:0B:0E:8B:A8:65:1C:B7:55:58:82:30:A0:0A:DB:E4:
10:4C:51:F0:AD:AA:CA:00:E8:52:9A:16:97:9B:4F:A0:
3C:65:AF:FE:7E:7E:A3:51:AA:27:51:1A:51:8E:4C:37:
9E:BB:48:41:DB:6D:2C:E3:93:91:D2:35:2A:22:B5:7C
Server-Cert cert-pki-kra
Internal Key Storage Token
-----BEGIN CERTIFICATE REQUEST-----
MIICdDCCAVwCAQAwLzESMBAGA1UEChMJc2lsZW50ZG9tMRkwFwYDVQQDExBmMTYtcGtpLnRlc3Qu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8X2y2g4cGBcRxxMDQRkv266mIDLr
tNT82ltaFB4jGgU1Vik7CHaSxxCYyg7ptJbJ6xf6SL0uRdNRDFHmC4KuF8WeXoNYx0fGwQIHHcYr
HAdI/lNKz31MFfb3kSFwj6PJ4Pp1Ofc0sMsLBCfxnIQkUMmsBr4PCOI+8OqYeD5DcWsQ507UDs7e
vuQpiBkPTaz33GqSQCgtdODSiFeJ1gPRWUcwO80vFYEAHibuGJBBqzDxm11ojSgGlZDx2klFK+lZ
b0KY/UIgsCKWqsSqzpSOKlFT7twHM2q0EkAwarUzXS6m44Zcq9xNQSbr0WtBc5hn2f1/kzRmdNBH
Z1RAOXM1XQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAH2/7/5g7+aZg95XxU7HvXTEsZpqxAuP
yFLnIav8BIuoH+ALvhmpDS7Bfl3w4J7kgsLQnc2FXG3VkZ0em3FUoVA+qy90CGZVlbuu+RjUxShP
WNQPer6fX2azzoqMYQOLWPeSH5F1OG3kaHhzaHz1hP9pdDKvPnjCh+twipvnHDWMGIZc67brWeyd
r9OLabdwQJ6YD8EBy528VAGGPrn6hivsKiQd3QzsZvOffTNF1DoqXB3Kco4yYhhxfpK85Rh3J//4
VHOOxvL0hDWhSiXgIma/Q0NeBOc/MD8vc0H3KK3+wDoe4L/ch8r+pcf+6e4KDkfvIURs8BOAgqRC
d80ZoIw=
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE-----
MIIDgTCCAmmgAwIBAgIBCTANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNTVaFw0xNDAxMjEx
NjUzNTVaMC8xEjAQBgNVBAoTCXNpbGVudGRvbTEZMBcGA1UEAxMQZjE2LXBraS50ZXN0LmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPF9stoOHBgXEccTA0EZL9uupiAy67TU/Npb
WhQeIxoFNVYpOwh2kscQmMoO6bSWyesX+ki9LkXTUQxR5guCrhfFnl6DWMdHxsECBx3GKxwHSP5T
Ss99TBX295EhcI+jyeD6dTn3NLDLCwQn8ZyEJFDJrAa+DwjiPvDqmHg+Q3FrEOdO1A7O3r7kKYgZ
D02s99xqkkAoLXTg0ohXidYD0VlHMDvNLxWBAB4m7hiQQasw8ZtdaI0oBpWQ8dpJRSvpWW9CmP1C
ILAilqrEqs6UjipRU+7cBzNqtBJAMGq1M10upuOGXKvcTUEm69FrQXOYZ9n9f5M0ZnTQR2dUQDlz
NV0CAwEAAaOBnzCBnDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBABggrBgEFBQcB
AQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAvY2Evb2NzcDAO
BgNVHQ8BAf8EBAMCBPAwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDAN
BgkqhkiG9w0BAQ0FAAOCAQEALc3dDx7pGzxMNvALNIzxy6aK4n0xNNf+ye7J8N/S4dpNogOOSs6Q
MpZ/7o1hDUpDC8yi8NCZC4M0OmNl5JQ0we0InwjTaRgfK64a5w2wzAya8uq1DGsKznIbAlyTlyHY
xqqcGnfoMSmmh5twP2bv9ZILfHmUneUB44KOVAtrvtyQjKXq4YqZ30BWiAXoKHGgew0fBIhE0VbX
kXYsx4u5hsVPvXB6ILclaSfBDXWpadBN92od/+UuqNYxalTWip9WSgP1xM4BAuAI2fcTU0p6OtmS
WmpnOav8eKflesgMnfDEd/iNBY4mk7tJ/s6Iw3dtKmodPTJFU9k1qfQF5M2HKQ==
-----END CERTIFICATE-----
remote
cn=f16-pki.test.com,o=silentdom
Certificate:
Data:
Version: v3
Serial Number: 0x9
Signature Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Issuer: CN=Certificate Authority-ca,O=silentdom
Validity:
Not Before: Wednesday, February 1, 2012 11:53:55 AM EST US/Eastern
Not After: Tuesday, January 21, 2014 11:53:55 AM EST US/Eastern
Subject: CN=f16-pki.test.com,O=silentdom
Subject Public Key Info:
Algorithm: RSA - 1.2.840.113549.1.1.1
Public Key:
Exponent: 65537
Public Key Modulus: (2048 bits) :
F1:7D:B2:DA:0E:1C:18:17:11:C7:13:03:41:19:2F:DB:
AE:A6:20:32:EB:B4:D4:FC:DA:5B:5A:14:1E:23:1A:05:
35:56:29:3B:08:76:92:C7:10:98:CA:0E:E9:B4:96:C9:
EB:17:FA:48:BD:2E:45:D3:51:0C:51:E6:0B:82:AE:17:
C5:9E:5E:83:58:C7:47:C6:C1:02:07:1D:C6:2B:1C:07:
48:FE:53:4A:CF:7D:4C:15:F6:F7:91:21:70:8F:A3:C9:
E0:FA:75:39:F7:34:B0:CB:0B:04:27:F1:9C:84:24:50:
C9:AC:06:BE:0F:08:E2:3E:F0:EA:98:78:3E:43:71:6B:
10:E7:4E:D4:0E:CE:DE:BE:E4:29:88:19:0F:4D:AC:F7:
DC:6A:92:40:28:2D:74:E0:D2:88:57:89:D6:03:D1:59:
47:30:3B:CD:2F:15:81:00:1E:26:EE:18:90:41:AB:30:
F1:9B:5D:68:8D:28:06:95:90:F1:DA:49:45:2B:E9:59:
6F:42:98:FD:42:20:B0:22:96:AA:C4:AA:CE:94:8E:2A:
51:53:EE:DC:07:33:6A:B4:12:40:30:6A:B5:33:5D:2E:
A6:E3:86:5C:AB:DC:4D:41:26:EB:D1:6B:41:73:98:67:
D9:FD:7F:93:34:66:74:D0:47:67:54:40:39:73:35:5D
Extensions:
Identifier: Authority Key Identifier - 2.5.29.35
Critical: no
Key Identifier:
43:AC:F6:30:91:3A:B5:87:0C:A2:D4:AF:2A:61:6D:E5:
E7:61:E2:1A
Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1
Critical: no
Access Description:
Method #0: ocsp
Location #0: URIName: http://f16-pki.test.com:9180/ca/ocsp
Identifier: Key Usage: - 2.5.29.15
Critical: yes
Key Usage:
Digital Signature
Non Repudiation
Key Encipherment
Data Encipherment
Identifier: Extended Key Usage: - 2.5.29.37
Critical: no
Extended Key Usage:
1.3.6.1.5.5.7.3.1
1.3.6.1.5.5.7.3.2
1.3.6.1.5.5.7.3.4
Signature:
Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Signature:
2D:CD:DD:0F:1E:E9:1B:3C:4C:36:F0:0B:34:8C:F1:CB:
A6:8A:E2:7D:31:34:D7:FE:C9:EE:C9:F0:DF:D2:E1:DA:
4D:A2:03:8E:4A:CE:90:32:96:7F:EE:8D:61:0D:4A:43:
0B:CC:A2:F0:D0:99:0B:83:34:3A:63:65:E4:94:34:C1:
ED:08:9F:08:D3:69:18:1F:2B:AE:1A:E7:0D:B0:CC:0C:
9A:F2:EA:B5:0C:6B:0A:CE:72:1B:02:5C:93:97:21:D8:
C6:AA:9C:1A:77:E8:31:29:A6:87:9B:70:3F:66:EF:F5:
92:0B:7C:79:94:9D:E5:01:E3:82:8E:54:0B:6B:BE:DC:
90:8C:A5:EA:E1:8A:99:DF:40:56:88:05:E8:28:71:A0:
7B:0D:1F:04:88:44:D1:56:D7:91:76:2C:C7:8B:B9:86:
C5:4F:BD:70:7A:20:B7:25:69:27:C1:0D:75:A9:69:D0:
4D:F7:6A:1D:FF:E5:2E:A8:D6:31:6A:54:D6:8A:9F:56:
4A:03:F5:C4:CE:01:02:E0:08:D9:F7:13:53:4A:7A:3A:
D9:92:5A:6A:67:39:AB:FC:78:A7:E5:7A:C8:0C:9D:F0:
C4:77:F8:8D:05:8E:26:93:BB:49:FE:CE:88:C3:77:6D:
2A:6A:1D:3D:32:45:53:D9:35:A9:F4:05:E4:CD:87:29
FingerPrint
MD2:
CD:CA:CE:85:D1:29:96:56:53:EB:7F:D8:BD:30:99:35
MD5:
98:29:C5:25:E7:60:71:40:C0:70:42:13:55:1C:70:32
SHA1:
30:C9:83:3B:B7:64:E3:63:B6:52:02:6B:01:3C:EC:97:
7A:D8:3C:D0
SHA256:
CF:D1:09:04:EB:D4:B4:E5:90:72:5C:C1:B3:0A:32:59:
F7:89:9F:54:B4:36:4F:71:96:73:10:C3:11:93:3A:76
SHA512:
4B:55:59:96:EE:59:E5:B1:97:91:FD:5C:7B:9F:37:74:
F2:CB:4A:13:8D:43:C9:99:EA:5B:85:6C:69:65:D1:F8:
69:08:0D:D8:56:E1:B8:05:54:78:3E:C0:77:73:90:D4:
31:47:B5:98:AB:EE:50:F0:C4:86:8C:05:D9:B6:8A:DD
subsystemCert cert-pki-kra
Internal Key Storage Token
-----BEGIN CERTIFICATE REQUEST-----
MIICfTCCAWUCAQAwODESMBAGA1UEChMJc2lsZW50ZG9tMSIwIAYDVQQDExlEUk0gU3Vic3lzdGVt
IENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGKm0z0ZIqOb4VlJ
DLzkJ7s2hr/EDk++KTCQR4edVzt7f6Iu8w/U4ScWBz7RuVc1tb//G8yC6MiJngsDpZF86vvxSIOe
QZAzACZXv97S1PerIiEryhC13hJvtmAdKPToGSXfnoylQ3J0wR83I3gSvXOe/a71DA++XqWBoa/Q
xhNLNUG39StYwGGDE3/ROaW2cnxG7A0WMpuPtuLi4Hxz9u7ub+QZ6R8RnTCxkiVQ9XlMXc3frT2n
ETeutXjOyxBNL6Kn1jwocmGXdQMv8ZlwHfLuYuoA8XITN7KYWd0lQW34cN83gLjHferqPbRjXaEL
YmzfFVGSykD97qjHkwPFeQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBACzFiBjNFMRw2EbLDIAT
H8MsIk1YIQBK6SpO7EJzMyi9Lti7qsHq4gqAazsbclnPHBUkqx6MP0mpfGBCaCwgFysXzGeeotWr
y7MamLlOOzL1ErCG2y/NhP9laO/xlspt47xHY+5/xdlWfgAy2+Ur4DEnbbMWXfEshAqtgUufXv2y
e0UnKF7OontKPUBkpAEfjLvHXUdlj7Es3Vd+//YABDboc/usTGaaqWNmbnVT66QTQ9TD9pogEjCk
GA4DnBYLQDEQYWD3sjzrcxCoj0Up5Aahc90T6I4+KjTirVigITS6YXnUR8Kh0fEPQFFrNdtovyiS
SqxZJH1R/vkuyoRhyqk=
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE-----
MIIDdjCCAl6gAwIBAgIBCjANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNThaFw0xNDAxMjEx
NjUzNThaMDgxEjAQBgNVBAoTCXNpbGVudGRvbTEiMCAGA1UEAxMZRFJNIFN1YnN5c3RlbSBDZXJ0
aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBiptM9GSKjm+FZSQy85Ce7
Noa/xA5PvikwkEeHnVc7e3+iLvMP1OEnFgc+0blXNbW//xvMgujIiZ4LA6WRfOr78UiDnkGQMwAm
V7/e0tT3qyIhK8oQtd4Sb7ZgHSj06Bkl356MpUNydMEfNyN4Er1znv2u9QwPvl6lgaGv0MYTSzVB
t/UrWMBhgxN/0TmltnJ8RuwNFjKbj7bi4uB8c/bu7m/kGekfEZ0wsZIlUPV5TF3N3609pxE3rrV4
zssQTS+ip9Y8KHJhl3UDL/GZcB3y7mLqAPFyEzeymFndJUFt+HDfN4C4x33q6j20Y12hC2Js3xVR
kspA/e6ox5MDxXkCAwEAAaOBizCBiDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBA
BggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAv
Y2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEN
BQADggEBAJidsPPb8YSYRE/1R/VsMrCkTaIQ9iR1WbL0oIIyV0quVjStuVC0IqX+R92PPT3qS2OE
vYjMp6dPyaQYZwWDOj7VM0v5FO8G82jnT5Fy0NCvAg59+Ua4IeMKWN1NjWVUkmI6z+en8v7aUmLW
Fsmpu7aWKM8WJQpcpbezPYJWo1dmX1UDKjBYblNqagljsa/u1ig+z7GGbINDIZGNQKvPAtpONGZi
HK2I9tLFwRfu6lf7/V0wA/f7JNFtfKyblwG2BeS74JFxSDbZuSjXjD2C1f78uuIf4GvrgBi4Ca7H
KpNsZGMBRDC60tYHcnJzur89ssQrJpVTkJR+0oiFliQe2P4=
-----END CERTIFICATE-----
remote
cn=DRM Subsystem Certificate,o=silentdom
Certificate:
Data:
Version: v3
Serial Number: 0xA
Signature Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Issuer: CN=Certificate Authority-ca,O=silentdom
Validity:
Not Before: Wednesday, February 1, 2012 11:53:58 AM EST US/Eastern
Not After: Tuesday, January 21, 2014 11:53:58 AM EST US/Eastern
Subject: CN=DRM Subsystem Certificate,O=silentdom
Subject Public Key Info:
Algorithm: RSA - 1.2.840.113549.1.1.1
Public Key:
Exponent: 65537
Public Key Modulus: (2048 bits) :
B0:62:A6:D3:3D:19:22:A3:9B:E1:59:49:0C:BC:E4:27:
BB:36:86:BF:C4:0E:4F:BE:29:30:90:47:87:9D:57:3B:
7B:7F:A2:2E:F3:0F:D4:E1:27:16:07:3E:D1:B9:57:35:
B5:BF:FF:1B:CC:82:E8:C8:89:9E:0B:03:A5:91:7C:EA:
FB:F1:48:83:9E:41:90:33:00:26:57:BF:DE:D2:D4:F7:
AB:22:21:2B:CA:10:B5:DE:12:6F:B6:60:1D:28:F4:E8:
19:25:DF:9E:8C:A5:43:72:74:C1:1F:37:23:78:12:BD:
73:9E:FD:AE:F5:0C:0F:BE:5E:A5:81:A1:AF:D0:C6:13:
4B:35:41:B7:F5:2B:58:C0:61:83:13:7F:D1:39:A5:B6:
72:7C:46:EC:0D:16:32:9B:8F:B6:E2:E2:E0:7C:73:F6:
EE:EE:6F:E4:19:E9:1F:11:9D:30:B1:92:25:50:F5:79:
4C:5D:CD:DF:AD:3D:A7:11:37:AE:B5:78:CE:CB:10:4D:
2F:A2:A7:D6:3C:28:72:61:97:75:03:2F:F1:99:70:1D:
F2:EE:62:EA:00:F1:72:13:37:B2:98:59:DD:25:41:6D:
F8:70:DF:37:80:B8:C7:7D:EA:EA:3D:B4:63:5D:A1:0B:
62:6C:DF:15:51:92:CA:40:FD:EE:A8:C7:93:03:C5:79
Extensions:
Identifier: Authority Key Identifier - 2.5.29.35
Critical: no
Key Identifier:
43:AC:F6:30:91:3A:B5:87:0C:A2:D4:AF:2A:61:6D:E5:
E7:61:E2:1A
Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1
Critical: no
Access Description:
Method #0: ocsp
Location #0: URIName: http://f16-pki.test.com:9180/ca/ocsp
Identifier: Key Usage: - 2.5.29.15
Critical: yes
Key Usage:
Digital Signature
Non Repudiation
Key Encipherment
Data Encipherment
Identifier: Extended Key Usage: - 2.5.29.37
Critical: no
Extended Key Usage:
1.3.6.1.5.5.7.3.2
Signature:
Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Signature:
98:9D:B0:F3:DB:F1:84:98:44:4F:F5:47:F5:6C:32:B0:
A4:4D:A2:10:F6:24:75:59:B2:F4:A0:82:32:57:4A:AE:
56:34:AD:B9:50:B4:22:A5:FE:47:DD:8F:3D:3D:EA:4B:
63:84:BD:88:CC:A7:A7:4F:C9:A4:18:67:05:83:3A:3E:
D5:33:4B:F9:14:EF:06:F3:68:E7:4F:91:72:D0:D0:AF:
02:0E:7D:F9:46:B8:21:E3:0A:58:DD:4D:8D:65:54:92:
62:3A:CF:E7:A7:F2:FE:DA:52:62:D6:16:C9:A9:BB:B6:
96:28:CF:16:25:0A:5C:A5:B7:B3:3D:82:56:A3:57:66:
5F:55:03:2A:30:58:6E:53:6A:6A:09:63:B1:AF:EE:D6:
28:3E:CF:B1:86:6C:83:43:21:91:8D:40:AB:CF:02:DA:
4E:34:66:62:1C:AD:88:F6:D2:C5:C1:17:EE:EA:57:FB:
FD:5D:30:03:F7:FB:24:D1:6D:7C:AC:9B:97:01:B6:05:
E4:BB:E0:91:71:48:36:D9:B9:28:D7:8C:3D:82:D5:FE:
FC:BA:E2:1F:E0:6B:EB:80:18:B8:09:AE:C7:2A:93:6C:
64:63:01:44:30:BA:D2:D6:07:72:72:73:BA:BF:3D:B2:
C4:2B:26:95:53:90:94:7E:D2:88:85:96:24:1E:D8:FE
FingerPrint
MD2:
58:19:30:EE:D2:4F:6F:7D:3C:5A:1E:E4:E0:DC:0E:B0
MD5:
AD:9D:8B:33:AB:F3:4E:FD:87:CC:01:15:C6:EA:FC:22
SHA1:
6F:62:3C:B0:20:72:47:51:76:C0:0A:50:A2:8E:CA:E0:
46:44:70:38
SHA256:
C4:10:5F:78:A3:68:D3:02:24:47:25:F3:33:D9:3D:0D:
D5:49:2F:2E:0F:08:12:15:CD:50:91:98:97:B2:E5:0E
SHA512:
5B:F8:B3:7E:2D:4B:03:CC:F5:D1:C4:C0:F6:B7:E9:F3:
2D:C9:B7:C4:25:8F:F9:ED:B2:99:EB:A6:CD:A3:C9:20:
D9:BC:DA:B3:00:C8:F5:C2:F8:CA:42:A8:43:06:1E:8A:
CE:9F:FF:92:0F:E8:B6:6E:5A:8F:FB:92:4E:19:B7:2F
auditSigningCert cert-pki-kra
Internal Key Storage Token
-----BEGIN CERTIFICATE REQUEST-----
MIICgTCCAWkCAQAwPDESMBAGA1UEChMJc2lsZW50ZG9tMSYwJAYDVQQDEx1EUk0gQXVkaXQgU2ln
bmluZyBDZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ2OplSmDA08
hyg318iIZ70zzogRntJUOyDH3KbCw4oIIFGw4PlVIflJJAr9SU+L+V5uk4+qeG3dJiORGVBkrUG8
GnMCr0fQ8kmxwCVuOjHM1m9WtycEn2stz0V8j/ieVcnszrADNZqhepDDYGz7Ep6plbGgPqm+VFVW
FMTJ5l6qB311bv7V89P1F2JRU37DShD366fnuePwwHNEnUunpsF3G/PRX5Tb7hDsoK8E6PWMdazT
xBbxL0u1LWwJa2nr8ljMVyzHlJ6NQtqkZFmLiRa0/l3joqYrbHYpUioJ147ZxrGoxQY4OUebrNzC
qjz9sohZNESZiIVNcdvLz3qfMcMCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQCdf/06cflMkdOL
do28FvgdpGvF6OBtvV6ZjKY/oeIYz5eVDvpUD1+s8Jw+GD+AI4CvDzUMo9vy5kNsRhytDgauKJAb
2v67lBugpKLQVj3vWnCcjrmVrt1hL7H+9VISD5zSIKpA7L0haCwRcCwFpkphQCzNFngHo4+F4tC7
65s/0GAIiqzWw+/1KntUeNhopBiXkAWtnCXl1cOQ/eIUeuHjY1kxjHhCOVI6jQg31I8sZOWwjmO+
XsXNSnHI48cD7SrVcmPZuNwsSbs00+w7VOmuKPw3AXjnsiTaqPtcBQWlKzSRvNkUNnbtjUTIqAzF
+5V/3X+7jtrPShcoWGW9/cQB
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE-----
MIIDYzCCAkugAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjU0MDdaFw0xNDAxMjEx
NjU0MDdaMDwxEjAQBgNVBAoTCXNpbGVudGRvbTEmMCQGA1UEAxMdRFJNIEF1ZGl0IFNpZ25pbmcg
Q2VydGlmaWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdjqZUpgwNPIcoN9fI
iGe9M86IEZ7SVDsgx9ymwsOKCCBRsOD5VSH5SSQK/UlPi/lebpOPqnht3SYjkRlQZK1BvBpzAq9H
0PJJscAlbjoxzNZvVrcnBJ9rLc9FfI/4nlXJ7M6wAzWaoXqQw2Bs+xKeqZWxoD6pvlRVVhTEyeZe
qgd9dW7+1fPT9RdiUVN+w0oQ9+un57nj8MBzRJ1Lp6bBdxvz0V+U2+4Q7KCvBOj1jHWs08QW8S9L
tS1sCWtp6/JYzFcsx5SejULapGRZi4kWtP5d46KmK2x2KVIqCdeO2caxqMUGODlHm6zcwqo8/bKI
WTREmYiFTXHby896nzHDAgMBAAGjdTBzMB8GA1UdIwQYMBaAFEOs9jCROrWHDKLUryphbeXnYeIa
MEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL2YxNi1wa2kudGVzdC5jb206OTE4
MC9jYS9vY3NwMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQ0FAAOCAQEAlOSVDyu0/zs2w/1W
Cn7LghUpNyEKKNRnz3KfAWnO1zxZJyuRvfX1V28Mq6+eXW+aUCcPKA6LEKGuKnLfPPYE2WbThsNd
bdRXEB/fQaiKGOJwBKObb498W6j7IXWkESsTNddr+AlRpnAYIXcsyAvZLtM3x+YUPdUYmTc0nyjM
dDllObQfRz48KdtBP8OG+wjmy5PT+Y1lE1npkt43aUovbBTNGP5jgLaW9NXo8HHjxCk2ijmgHnKG
pYByqE7LC+h2YmpudSE6IlOpUgy8SNdnuAc9KD1Z9kDhaaZZEyVdLlAp3DgkPrBSiC3lRFUG6315
/T7FlBhOCX2r0wzCp0yrFw==
-----END CERTIFICATE-----
remote
cn=DRM Audit Signing Certificate,o=silentdom
Certificate:
Data:
Version: v3
Serial Number: 0xB
Signature Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Issuer: CN=Certificate Authority-ca,O=silentdom
Validity:
Not Before: Wednesday, February 1, 2012 11:54:07 AM EST US/Eastern
Not After: Tuesday, January 21, 2014 11:54:07 AM EST US/Eastern
Subject: CN=DRM Audit Signing Certificate,O=silentdom
Subject Public Key Info:
Algorithm: RSA - 1.2.840.113549.1.1.1
Public Key:
Exponent: 65537
Public Key Modulus: (2048 bits) :
9D:8E:A6:54:A6:0C:0D:3C:87:28:37:D7:C8:88:67:BD:
33:CE:88:11:9E:D2:54:3B:20:C7:DC:A6:C2:C3:8A:08:
20:51:B0:E0:F9:55:21:F9:49:24:0A:FD:49:4F:8B:F9:
5E:6E:93:8F:AA:78:6D:DD:26:23:91:19:50:64:AD:41:
BC:1A:73:02:AF:47:D0:F2:49:B1:C0:25:6E:3A:31:CC:
D6:6F:56:B7:27:04:9F:6B:2D:CF:45:7C:8F:F8:9E:55:
C9:EC:CE:B0:03:35:9A:A1:7A:90:C3:60:6C:FB:12:9E:
A9:95:B1:A0:3E:A9:BE:54:55:56:14:C4:C9:E6:5E:AA:
07:7D:75:6E:FE:D5:F3:D3:F5:17:62:51:53:7E:C3:4A:
10:F7:EB:A7:E7:B9:E3:F0:C0:73:44:9D:4B:A7:A6:C1:
77:1B:F3:D1:5F:94:DB:EE:10:EC:A0:AF:04:E8:F5:8C:
75:AC:D3:C4:16:F1:2F:4B:B5:2D:6C:09:6B:69:EB:F2:
58:CC:57:2C:C7:94:9E:8D:42:DA:A4:64:59:8B:89:16:
B4:FE:5D:E3:A2:A6:2B:6C:76:29:52:2A:09:D7:8E:D9:
C6:B1:A8:C5:06:38:39:47:9B:AC:DC:C2:AA:3C:FD:B2:
88:59:34:44:99:88:85:4D:71:DB:CB:CF:7A:9F:31:C3
Extensions:
Identifier: Authority Key Identifier - 2.5.29.35
Critical: no
Key Identifier:
43:AC:F6:30:91:3A:B5:87:0C:A2:D4:AF:2A:61:6D:E5:
E7:61:E2:1A
Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1
Critical: no
Access Description:
Method #0: ocsp
Location #0: URIName: http://f16-pki.test.com:9180/ca/ocsp
Identifier: Key Usage: - 2.5.29.15
Critical: yes
Key Usage:
Digital Signature
Non Repudiation
Signature:
Algorithm: SHA512withRSA - 1.2.840.113549.1.1.13
Signature:
94:E4:95:0F:2B:B4:FF:3B:36:C3:FD:56:0A:7E:CB:82:
15:29:37:21:0A:28:D4:67:CF:72:9F:01:69:CE:D7:3C:
59:27:2B:91:BD:F5:F5:57:6F:0C:AB:AF:9E:5D:6F:9A:
50:27:0F:28:0E:8B:10:A1:AE:2A:72:DF:3C:F6:04:D9:
66:D3:86:C3:5D:6D:D4:57:10:1F:DF:41:A8:8A:18:E2:
70:04:A3:9B:6F:8F:7C:5B:A8:FB:21:75:A4:11:2B:13:
35:D7:6B:F8:09:51:A6:70:18:21:77:2C:C8:0B:D9:2E:
D3:37:C7:E6:14:3D:D5:18:99:37:34:9F:28:CC:74:39:
65:39:B4:1F:47:3E:3C:29:DB:41:3F:C3:86:FB:08:E6:
CB:93:D3:F9:8D:65:13:59:E9:92:DE:37:69:4A:2F:6C:
14:CD:18:FE:63:80:B6:96:F4:D5:E8:F0:71:E3:C4:29:
36:8A:39:A0:1E:72:86:A5:80:72:A8:4E:CB:0B:E8:76:
62:6A:6E:75:21:3A:22:53:A9:52:0C:BC:48:D7:67:B8:
07:3D:28:3D:59:F6:40:E1:69:A6:59:13:25:5D:2E:50:
29:DC:38:24:3E:B0:52:88:2D:E5:44:55:06:EB:7D:79:
FD:3E:C5:94:18:4E:09:7D:AB:D3:0C:C2:A7:4C:AB:17
FingerPrint
MD2:
E4:7D:05:4A:39:88:F2:55:D7:F4:F7:F8:A7:87:DC:F6
MD5:
89:6D:3E:9F:13:71:65:24:4B:73:12:DF:63:F2:33:63
SHA1:
CC:E6:78:91:C8:60:EF:A0:D0:A4:CC:EA:A0:C8:C0:47:
72:D7:20:5F
SHA256:
1D:ED:88:CD:1D:30:7E:0E:FD:2D:31:35:1F:FA:85:C6:
CC:B8:78:98:F3:69:64:FF:2E:2A:07:17:C9:CB:3E:68
SHA512:
92:76:62:3B:CC:1D:C1:D5:E5:A9:7D:FB:0A:C1:4F:1A:
00:45:51:A2:14:D2:FF:F5:35:F7:EA:99:30:45:3F:E5:
D9:60:6F:81:5A:25:2D:40:EC:C3:46:BE:A7:D5:6E:06:
54:16:90:93:67:2A:B8:F1:30:02:8A:C6:D6:CE:A9:E3
display
success
checked
16
Requests and Certificates
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
10
DRM Setup Wizard
f16-pki.test.com
certrequestpanel
9444
tag=Request value=-----BEGIN CERTIFICATE REQUEST-----
MIICfTCCAWUCAQAwODESMBAGA1UEChMJc2lsZW50ZG9tMSIwIAYDVQQDExlEUk0gVHJhbnNwb3J0
IENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5z2tLLmB+ltym6q9
87Er6XxNPDbAS2fY/wF1ft2+lArHtZMdbiSF4afDeT/SkpJUPv91bnbiJJASy4UxQNnZuodsOCza
wJQ8g4wZG975p3XMoo9iyYMVIgqLDdSquktqPJ1O3fSETyPiwQMUGdI2V6bltJXTyGGBbJ/wI/7Z
x9i16eVQtGHaAYkhzJRP6hm3HTL7d8/bAxQeSByni1b87GXmqNRmwVXNXmt7zdZmDQoJ3coYJ+KQ
eFaNPVvf4l6RZq9x9G0Q7xNJDIIJ/LysHtogztnaCykZ80/3VUfq12JPfMlQhd8iKx+nOWbtFeJy
jBUz0UnZCUqUdLkGq069jwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAH1vlaNOkqbTBDXT2VQU
DuW1eLNZvPbxuhzbnpqBf3guLSl+PVDlXsGWDbE2+e+FDyjGRsl46BtmhTKuC2dYG8Fn47verbW2
X9eM/2ka7QIAXhXFDn17EQTwLQnE4u7G0lwCtId0xRdXvaYiW6x3E1h8i4qRZXXPiR9jGBnMfe7W
M+eY+IMxVaeet3Fyxryv6o/YWKT1DwicwJywjXUJlqn/WuAy7jpGXHHR39d2gaDwujY3G0MjlNPZ
gT/Q/LPaqKKRxFgykfBnKDTv9eF0RRHWtFhBN5MHbRibhrrPJTJvjvko/lrwL0a5oJhU27JUKIa0
71AMOkQyEdyIWzfFH7c=
-----END CERTIFICATE REQUEST-----
tag=Request value=-----BEGIN CERTIFICATE REQUEST-----
MIICezCCAWMCAQAwNjESMBAGA1UEChMJc2lsZW50ZG9tMSAwHgYDVQQDExdEUk0gU3RvcmFnZSBD
ZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANwyRYt7n/CUcY4LXXAm
3q4fLQ7g/T9Evuz/3i5PowQza3tmTGc7eD97IpacFiPrPSlnLmQszzlOFeq9xgPXMv8duLqvVuIF
69gSNKA+NhmxO84bK0cJ6UDsqjh7W6UVE5En8A3EvQHBR/q+XB7jRg17rx0UVG+KsmdBxNoJCtZF
HArmSGSQoC3coawZsOMNKhMLZHb7LxZWIbGh5xgDkj9yvbx7abF1kEKcXvkpVSOY4BoeXlf/91sf
QJdS10QnNAjR0JjUYvcUtKy7qO2aIwIK6viSVkWazhZBDq847WETYg34WwiY1Yq2/AZGzl+kZ0Z5
yC877s/DXkT7x/NngkMCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAJaYyP/9vZxz9SU1qsxKyB
QbdHfkctN6Q9ttDw2KPTuMl+5cdwSnXT/QOM5BTEMR4c7UMisHOkrH6DEqqmmmBfZJycFZYxqKPm
LUldocoHgIaESk1YfYpBh1Hu4hhpdixBkVPEXbnlZEa4x6ea7MvNlt8+BiKdcQrV/+uICsCgi1gt
RdoH0+q1Vdn2P9bv2/pcgxh6EQ2EEj5mwqyiuDuMj2Ni+unMgG2ZAP9jaH4DrgshwqO2SzdzxpxW
+Rt8j+OQ3k0DrikGMzMt9REAcKmDl3LUr6UpNlmHLPgYDd3v7SbNylPKwnsYqIY1nHrErU9emkGh
SYhNTlrZ6Q0505aq
-----END CERTIFICATE REQUEST-----
tag=Request value=-----BEGIN CERTIFICATE REQUEST-----
MIICdDCCAVwCAQAwLzESMBAGA1UEChMJc2lsZW50ZG9tMRkwFwYDVQQDExBmMTYtcGtpLnRlc3Qu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8X2y2g4cGBcRxxMDQRkv266mIDLr
tNT82ltaFB4jGgU1Vik7CHaSxxCYyg7ptJbJ6xf6SL0uRdNRDFHmC4KuF8WeXoNYx0fGwQIHHcYr
HAdI/lNKz31MFfb3kSFwj6PJ4Pp1Ofc0sMsLBCfxnIQkUMmsBr4PCOI+8OqYeD5DcWsQ507UDs7e
vuQpiBkPTaz33GqSQCgtdODSiFeJ1gPRWUcwO80vFYEAHibuGJBBqzDxm11ojSgGlZDx2klFK+lZ
b0KY/UIgsCKWqsSqzpSOKlFT7twHM2q0EkAwarUzXS6m44Zcq9xNQSbr0WtBc5hn2f1/kzRmdNBH
Z1RAOXM1XQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAH2/7/5g7+aZg95XxU7HvXTEsZpqxAuP
yFLnIav8BIuoH+ALvhmpDS7Bfl3w4J7kgsLQnc2FXG3VkZ0em3FUoVA+qy90CGZVlbuu+RjUxShP
WNQPer6fX2azzoqMYQOLWPeSH5F1OG3kaHhzaHz1hP9pdDKvPnjCh+twipvnHDWMGIZc67brWeyd
r9OLabdwQJ6YD8EBy528VAGGPrn6hivsKiQd3QzsZvOffTNF1DoqXB3Kco4yYhhxfpK85Rh3J//4
VHOOxvL0hDWhSiXgIma/Q0NeBOc/MD8vc0H3KK3+wDoe4L/ch8r+pcf+6e4KDkfvIURs8BOAgqRC
d80ZoIw=
-----END CERTIFICATE REQUEST-----
tag=Request value=-----BEGIN CERTIFICATE REQUEST-----
MIICfTCCAWUCAQAwODESMBAGA1UEChMJc2lsZW50ZG9tMSIwIAYDVQQDExlEUk0gU3Vic3lzdGVt
IENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGKm0z0ZIqOb4VlJ
DLzkJ7s2hr/EDk++KTCQR4edVzt7f6Iu8w/U4ScWBz7RuVc1tb//G8yC6MiJngsDpZF86vvxSIOe
QZAzACZXv97S1PerIiEryhC13hJvtmAdKPToGSXfnoylQ3J0wR83I3gSvXOe/a71DA++XqWBoa/Q
xhNLNUG39StYwGGDE3/ROaW2cnxG7A0WMpuPtuLi4Hxz9u7ub+QZ6R8RnTCxkiVQ9XlMXc3frT2n
ETeutXjOyxBNL6Kn1jwocmGXdQMv8ZlwHfLuYuoA8XITN7KYWd0lQW34cN83gLjHferqPbRjXaEL
YmzfFVGSykD97qjHkwPFeQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBACzFiBjNFMRw2EbLDIAT
H8MsIk1YIQBK6SpO7EJzMyi9Lti7qsHq4gqAazsbclnPHBUkqx6MP0mpfGBCaCwgFysXzGeeotWr
y7MamLlOOzL1ErCG2y/NhP9laO/xlspt47xHY+5/xdlWfgAy2+Ur4DEnbbMWXfEshAqtgUufXv2y
e0UnKF7OontKPUBkpAEfjLvHXUdlj7Es3Vd+//YABDboc/usTGaaqWNmbnVT66QTQ9TD9pogEjCk
GA4DnBYLQDEQYWD3sjzrcxCoj0Up5Aahc90T6I4+KjTirVigITS6YXnUR8Kh0fEPQFFrNdtovyiS
SqxZJH1R/vkuyoRhyqk=
-----END CERTIFICATE REQUEST-----
tag=Request value=-----BEGIN CERTIFICATE REQUEST-----
MIICgTCCAWkCAQAwPDESMBAGA1UEChMJc2lsZW50ZG9tMSYwJAYDVQQDEx1EUk0gQXVkaXQgU2ln
bmluZyBDZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ2OplSmDA08
hyg318iIZ70zzogRntJUOyDH3KbCw4oIIFGw4PlVIflJJAr9SU+L+V5uk4+qeG3dJiORGVBkrUG8
GnMCr0fQ8kmxwCVuOjHM1m9WtycEn2stz0V8j/ieVcnszrADNZqhepDDYGz7Ep6plbGgPqm+VFVW
FMTJ5l6qB311bv7V89P1F2JRU37DShD366fnuePwwHNEnUunpsF3G/PRX5Tb7hDsoK8E6PWMdazT
xBbxL0u1LWwJa2nr8ljMVyzHlJ6NQtqkZFmLiRa0/l3joqYrbHYpUioJ147ZxrGoxQY4OUebrNzC
qjz9sohZNESZiIVNcdvLz3qfMcMCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQCdf/06cflMkdOL
do28FvgdpGvF6OBtvV6ZjKY/oeIYz5eVDvpUD1+s8Jw+GD+AI4CvDzUMo9vy5kNsRhytDgauKJAb
2v67lBugpKLQVj3vWnCcjrmVrt1hL7H+9VISD5zSIKpA7L0haCwRcCwFpkphQCzNFngHo4+F4tC7
65s/0GAIiqzWw+/1KntUeNhopBiXkAWtnCXl1cOQ/eIUeuHjY1kxjHhCOVI6jQg31I8sZOWwjmO+
XsXNSnHI48cD7SrVcmPZuNwsSbs00+w7VOmuKPw3AXjnsiTaqPtcBQWlKzSRvNkUNnbtjUTIqAzF
+5V/3X+7jtrPShcoWGW9/cQB
-----END CERTIFICATE REQUEST-----
tag=Certificate value=-----BEGIN CERTIFICATE-----
MIIDdjCCAl6gAwIBAgIBBzANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNDBaFw0xNDAxMjEx
NjUzNDBaMDgxEjAQBgNVBAoTCXNpbGVudGRvbTEiMCAGA1UEAxMZRFJNIFRyYW5zcG9ydCBDZXJ0
aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOc9rSy5gfpbcpuqvfOxK+l8
TTw2wEtn2P8BdX7dvpQKx7WTHW4kheGnw3k/0pKSVD7/dW524iSQEsuFMUDZ2bqHbDgs2sCUPIOM
GRve+ad1zKKPYsmDFSIKiw3UqrpLajydTt30hE8j4sEDFBnSNlem5bSV08hhgWyf8CP+2cfYtenl
ULRh2gGJIcyUT+oZtx0y+3fP2wMUHkgcp4tW/Oxl5qjUZsFVzV5re83WZg0KCd3KGCfikHhWjT1b
3+JekWavcfRtEO8TSQyCCfy8rB7aIM7Z2gspGfNP91VH6tdiT3zJUIXfIisfpzlm7RXicowVM9FJ
2QlKlHS5BqtOvY8CAwEAAaOBizCBiDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBA
BggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAv
Y2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEN
BQADggEBAOEx9n8s67OZeMYxbPY+BqbCVID1qmNmAuc+07RuYIuDvFX2jV22dNdQzorWcRBcWHu1
OUVGUDcdlWGKo2ze4U80fjA5OxtrrGzs6J+o5LiJwljsBBYpnFY59dw1zBTY01NHccgSBNEhDIJX
qbwOGmzT3Wf+c3XzP3TTyFqk5NHOah/0qtS8L9wsy2eImvw7d4J1eOw+wM5b8s2Bt5rhxowrzvEO
cGG06kHhiCAQgEty3cq7dXTgbJslMJylRbYk51MGu3nJcqy+oEj3HQ+C9f0n+Mu+LXFgaYVSkacF
G5JSq3DnKpcN1p1HNb4Ik1uzUbzKmtp2ttd4hUNR3Qfd7Lg=
-----END CERTIFICATE-----
tag=Certificate value=-----BEGIN CERTIFICATE-----
MIIDdDCCAlygAwIBAgIBCDANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNDlaFw0xNDAxMjEx
NjUzNDlaMDYxEjAQBgNVBAoTCXNpbGVudGRvbTEgMB4GA1UEAxMXRFJNIFN0b3JhZ2UgQ2VydGlm
aWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcMkWLe5/wlHGOC11wJt6uHy0O
4P0/RL7s/94uT6MEM2t7ZkxnO3g/eyKWnBYj6z0pZy5kLM85ThXqvcYD1zL/Hbi6r1biBevYEjSg
PjYZsTvOGytHCelA7Ko4e1ulFRORJ/ANxL0BwUf6vlwe40YNe68dFFRvirJnQcTaCQrWRRwK5khk
kKAt3KGsGbDjDSoTC2R2+y8WViGxoecYA5I/cr28e2mxdZBCnF75KVUjmOAaHl5X//dbH0CXUtdE
JzQI0dCY1GL3FLSsu6jtmiMCCur4klZFms4WQQ6vOO1hE2IN+FsImNWKtvwGRs5fpGdGecgvO+7P
w15E+8fzZ4JDAgMBAAGjgYswgYgwHwYDVR0jBBgwFoAUQ6z2MJE6tYcMotSvKmFt5edh4howQAYI
KwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vZjE2LXBraS50ZXN0LmNvbTo5MTgwL2Nh
L29jc3AwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA0GCSqGSIb3DQEBDQUA
A4IBAQDYU5nUd0Yhro/Dzh+136pvudurEVJRJ9KM4SXleGWimpQWDYfBttbvi064Od2+o7yWT1Ii
kAkJlA6FeGYJqlB5TAEhNuaqiDEvmlKpbN/k/BoXib//Uk6+bBYmqj5J3E8vdw6zmAzcnAjlaABp
4ribeLcT4s1DRZHFTwqiahx1y7B7j6qZlqxeXVEWACQqxotE6oODHjb1XWLgzNNL+i+j5HBC6wde
1Z19t9bAUtSROPz/nc4qkstuxGpP9UEqHTWzfoJgWdwrCVytVPKgcg5JlD2AKLK0VP9Y50vUhrzK
YznFI3lWZogKlSMggsXTyiAjIa8SmOMAZgffE9AwpH6j
-----END CERTIFICATE-----
tag=Certificate value=-----BEGIN CERTIFICATE-----
MIIDgTCCAmmgAwIBAgIBCTANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNTVaFw0xNDAxMjEx
NjUzNTVaMC8xEjAQBgNVBAoTCXNpbGVudGRvbTEZMBcGA1UEAxMQZjE2LXBraS50ZXN0LmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPF9stoOHBgXEccTA0EZL9uupiAy67TU/Npb
WhQeIxoFNVYpOwh2kscQmMoO6bSWyesX+ki9LkXTUQxR5guCrhfFnl6DWMdHxsECBx3GKxwHSP5T
Ss99TBX295EhcI+jyeD6dTn3NLDLCwQn8ZyEJFDJrAa+DwjiPvDqmHg+Q3FrEOdO1A7O3r7kKYgZ
D02s99xqkkAoLXTg0ohXidYD0VlHMDvNLxWBAB4m7hiQQasw8ZtdaI0oBpWQ8dpJRSvpWW9CmP1C
ILAilqrEqs6UjipRU+7cBzNqtBJAMGq1M10upuOGXKvcTUEm69FrQXOYZ9n9f5M0ZnTQR2dUQDlz
NV0CAwEAAaOBnzCBnDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBABggrBgEFBQcB
AQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAvY2Evb2NzcDAO
BgNVHQ8BAf8EBAMCBPAwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDAN
BgkqhkiG9w0BAQ0FAAOCAQEALc3dDx7pGzxMNvALNIzxy6aK4n0xNNf+ye7J8N/S4dpNogOOSs6Q
MpZ/7o1hDUpDC8yi8NCZC4M0OmNl5JQ0we0InwjTaRgfK64a5w2wzAya8uq1DGsKznIbAlyTlyHY
xqqcGnfoMSmmh5twP2bv9ZILfHmUneUB44KOVAtrvtyQjKXq4YqZ30BWiAXoKHGgew0fBIhE0VbX
kXYsx4u5hsVPvXB6ILclaSfBDXWpadBN92od/+UuqNYxalTWip9WSgP1xM4BAuAI2fcTU0p6OtmS
WmpnOav8eKflesgMnfDEd/iNBY4mk7tJ/s6Iw3dtKmodPTJFU9k1qfQF5M2HKQ==
-----END CERTIFICATE-----
tag=Certificate value=-----BEGIN CERTIFICATE-----
MIIDdjCCAl6gAwIBAgIBCjANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNThaFw0xNDAxMjEx
NjUzNThaMDgxEjAQBgNVBAoTCXNpbGVudGRvbTEiMCAGA1UEAxMZRFJNIFN1YnN5c3RlbSBDZXJ0
aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBiptM9GSKjm+FZSQy85Ce7
Noa/xA5PvikwkEeHnVc7e3+iLvMP1OEnFgc+0blXNbW//xvMgujIiZ4LA6WRfOr78UiDnkGQMwAm
V7/e0tT3qyIhK8oQtd4Sb7ZgHSj06Bkl356MpUNydMEfNyN4Er1znv2u9QwPvl6lgaGv0MYTSzVB
t/UrWMBhgxN/0TmltnJ8RuwNFjKbj7bi4uB8c/bu7m/kGekfEZ0wsZIlUPV5TF3N3609pxE3rrV4
zssQTS+ip9Y8KHJhl3UDL/GZcB3y7mLqAPFyEzeymFndJUFt+HDfN4C4x33q6j20Y12hC2Js3xVR
kspA/e6ox5MDxXkCAwEAAaOBizCBiDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBA
BggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAv
Y2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEN
BQADggEBAJidsPPb8YSYRE/1R/VsMrCkTaIQ9iR1WbL0oIIyV0quVjStuVC0IqX+R92PPT3qS2OE
vYjMp6dPyaQYZwWDOj7VM0v5FO8G82jnT5Fy0NCvAg59+Ua4IeMKWN1NjWVUkmI6z+en8v7aUmLW
Fsmpu7aWKM8WJQpcpbezPYJWo1dmX1UDKjBYblNqagljsa/u1ig+z7GGbINDIZGNQKvPAtpONGZi
HK2I9tLFwRfu6lf7/V0wA/f7JNFtfKyblwG2BeS74JFxSDbZuSjXjD2C1f78uuIf4GvrgBi4Ca7H
KpNsZGMBRDC60tYHcnJzur89ssQrJpVTkJR+0oiFliQe2P4=
-----END CERTIFICATE-----
tag=Certificate value=-----BEGIN CERTIFICATE-----
MIIDYzCCAkugAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf
BgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjU0MDdaFw0xNDAxMjEx
NjU0MDdaMDwxEjAQBgNVBAoTCXNpbGVudGRvbTEmMCQGA1UEAxMdRFJNIEF1ZGl0IFNpZ25pbmcg
Q2VydGlmaWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdjqZUpgwNPIcoN9fI
iGe9M86IEZ7SVDsgx9ymwsOKCCBRsOD5VSH5SSQK/UlPi/lebpOPqnht3SYjkRlQZK1BvBpzAq9H
0PJJscAlbjoxzNZvVrcnBJ9rLc9FfI/4nlXJ7M6wAzWaoXqQw2Bs+xKeqZWxoD6pvlRVVhTEyeZe
qgd9dW7+1fPT9RdiUVN+w0oQ9+un57nj8MBzRJ1Lp6bBdxvz0V+U2+4Q7KCvBOj1jHWs08QW8S9L
tS1sCWtp6/JYzFcsx5SejULapGRZi4kWtP5d46KmK2x2KVIqCdeO2caxqMUGODlHm6zcwqo8/bKI
WTREmYiFTXHby896nzHDAgMBAAGjdTBzMB8GA1UdIwQYMBaAFEOs9jCROrWHDKLUryphbeXnYeIa
MEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL2YxNi1wa2kudGVzdC5jb206OTE4
MC9jYS9vY3NwMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQ0FAAOCAQEAlOSVDyu0/zs2w/1W
Cn7LghUpNyEKKNRnz3KfAWnO1zxZJyuRvfX1V28Mq6+eXW+aUCcPKA6LEKGuKnLfPPYE2WbThsNd
bdRXEB/fQaiKGOJwBKObb498W6j7IXWkESsTNddr+AlRpnAYIXcsyAvZLtM3x+YUPdUYmTc0nyjM
dDllObQfRz48KdtBP8OG+wjmy5PT+Y1lE1npkt43aUovbBTNGP5jgLaW9NXo8HHjxCk2ijmgHnKG
pYByqE7LC+h2YmpudSE6IlOpUgy8SNdnuAc9KD1Z9kDhaaZZEyVdLlAp3DgkPrBSiC3lRFUG6315
/T7FlBhOCX2r0wzCp0yrFw==
-----END CERTIFICATE-----
tag=Nickname value=transportCert cert-pki-kra
tag=Nickname value=storageCert cert-pki-kra
tag=Nickname value=Server-Cert cert-pki-kra
tag=Nickname value=subsystemCert cert-pki-kra
tag=Nickname value=auditSigningCert cert-pki-kra
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=10&op=next&xml=true&subsystem=-----BEGIN+CERTIFICATE-----%0AMIIDdjCCAl6gAwIBAgIBCjANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf%0ABgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNThaFw0xNDAxMjEx%0ANjUzNThaMDgxEjAQBgNVBAoTCXNpbGVudGRvbTEiMCAGA1UEAxMZRFJNIFN1YnN5c3RlbSBDZXJ0%0AaWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBiptM9GSKjm%2BFZSQy85Ce7%0ANoa%2FxA5PvikwkEeHnVc7e3%2BiLvMP1OEnFgc%2B0blXNbW%2F%2FxvMgujIiZ4LA6WRfOr78UiDnkGQMwAm%0AV7%2Fe0tT3qyIhK8oQtd4Sb7ZgHSj06Bkl356MpUNydMEfNyN4Er1znv2u9QwPvl6lgaGv0MYTSzVB%0At%2FUrWMBhgxN%2F0TmltnJ8RuwNFjKbj7bi4uB8c%2Fbu7m%2FkGekfEZ0wsZIlUPV5TF3N3609pxE3rrV4%0AzssQTS%2Bip9Y8KHJhl3UDL%2FGZcB3y7mLqAPFyEzeymFndJUFt%2BHDfN4C4x33q6j20Y12hC2Js3xVR%0AkspA%2Fe6ox5MDxXkCAwEAAaOBizCBiDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBA%0ABggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAv%0AY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEN%0ABQADggEBAJidsPPb8YSYRE%2F1R%2FVsMrCkTaIQ9iR1WbL0oIIyV0quVjStuVC0IqX%2BR92PPT3qS2OE%0AvYjMp6dPyaQYZwWDOj7VM0v5FO8G82jnT5Fy0NCvAg59%2BUa4IeMKWN1NjWVUkmI6z%2Ben8v7aUmLW%0AFsmpu7aWKM8WJQpcpbezPYJWo1dmX1UDKjBYblNqagljsa%2Fu1ig%2Bz7GGbINDIZGNQKvPAtpONGZi%0AHK2I9tLFwRfu6lf7%2FV0wA%2Ff7JNFtfKyblwG2BeS74JFxSDbZuSjXjD2C1f78uuIf4GvrgBi4Ca7H%0AKpNsZGMBRDC60tYHcnJzur89ssQrJpVTkJR%2B0oiFliQe2P4%3D%0A-----END+CERTIFICATE-----&subsystem_cc=&transport=-----BEGIN+CERTIFICATE-----%0AMIIDdjCCAl6gAwIBAgIBBzANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf%0ABgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNDBaFw0xNDAxMjEx%0ANjUzNDBaMDgxEjAQBgNVBAoTCXNpbGVudGRvbTEiMCAGA1UEAxMZRFJNIFRyYW5zcG9ydCBDZXJ0%0AaWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOc9rSy5gfpbcpuqvfOxK%2Bl8%0ATTw2wEtn2P8BdX7dvpQKx7WTHW4kheGnw3k%2F0pKSVD7%2FdW524iSQEsuFMUDZ2bqHbDgs2sCUPIOM%0AGRve%2Bad1zKKPYsmDFSIKiw3UqrpLajydTt30hE8j4sEDFBnSNlem5bSV08hhgWyf8CP%2B2cfYtenl%0AULRh2gGJIcyUT%2BoZtx0y%2B3fP2wMUHkgcp4tW%2FOxl5qjUZsFVzV5re83WZg0KCd3KGCfikHhWjT1b%0A3%2BJekWavcfRtEO8TSQyCCfy8rB7aIM7Z2gspGfNP91VH6tdiT3zJUIXfIisfpzlm7RXicowVM9FJ%0A2QlKlHS5BqtOvY8CAwEAAaOBizCBiDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBA%0ABggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAv%0AY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBPAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEN%0ABQADggEBAOEx9n8s67OZeMYxbPY%2BBqbCVID1qmNmAuc%2B07RuYIuDvFX2jV22dNdQzorWcRBcWHu1%0AOUVGUDcdlWGKo2ze4U80fjA5OxtrrGzs6J%2Bo5LiJwljsBBYpnFY59dw1zBTY01NHccgSBNEhDIJX%0AqbwOGmzT3Wf%2Bc3XzP3TTyFqk5NHOah%2F0qtS8L9wsy2eImvw7d4J1eOw%2BwM5b8s2Bt5rhxowrzvEO%0AcGG06kHhiCAQgEty3cq7dXTgbJslMJylRbYk51MGu3nJcqy%2BoEj3HQ%2BC9f0n%2BMu%2BLXFgaYVSkacF%0AG5JSq3DnKpcN1p1HNb4Ik1uzUbzKmtp2ttd4hUNR3Qfd7Lg%3D%0A-----END+CERTIFICATE-----&transport_cc=&storage=-----BEGIN+CERTIFICATE-----%0AMIIDdDCCAlygAwIBAgIBCDANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf%0ABgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNDlaFw0xNDAxMjEx%0ANjUzNDlaMDYxEjAQBgNVBAoTCXNpbGVudGRvbTEgMB4GA1UEAxMXRFJNIFN0b3JhZ2UgQ2VydGlm%0AaWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcMkWLe5%2FwlHGOC11wJt6uHy0O%0A4P0%2FRL7s%2F94uT6MEM2t7ZkxnO3g%2FeyKWnBYj6z0pZy5kLM85ThXqvcYD1zL%2FHbi6r1biBevYEjSg%0APjYZsTvOGytHCelA7Ko4e1ulFRORJ%2FANxL0BwUf6vlwe40YNe68dFFRvirJnQcTaCQrWRRwK5khk%0AkKAt3KGsGbDjDSoTC2R2%2By8WViGxoecYA5I%2Fcr28e2mxdZBCnF75KVUjmOAaHl5X%2F%2FdbH0CXUtdE%0AJzQI0dCY1GL3FLSsu6jtmiMCCur4klZFms4WQQ6vOO1hE2IN%2BFsImNWKtvwGRs5fpGdGecgvO%2B7P%0Aw15E%2B8fzZ4JDAgMBAAGjgYswgYgwHwYDVR0jBBgwFoAUQ6z2MJE6tYcMotSvKmFt5edh4howQAYI%0AKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vZjE2LXBraS50ZXN0LmNvbTo5MTgwL2Nh%0AL29jc3AwDgYDVR0PAQH%2FBAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA0GCSqGSIb3DQEBDQUA%0AA4IBAQDYU5nUd0Yhro%2FDzh%2B136pvudurEVJRJ9KM4SXleGWimpQWDYfBttbvi064Od2%2Bo7yWT1Ii%0AkAkJlA6FeGYJqlB5TAEhNuaqiDEvmlKpbN%2Fk%2FBoXib%2F%2FUk6%2BbBYmqj5J3E8vdw6zmAzcnAjlaABp%0A4ribeLcT4s1DRZHFTwqiahx1y7B7j6qZlqxeXVEWACQqxotE6oODHjb1XWLgzNNL%2Bi%2Bj5HBC6wde%0A1Z19t9bAUtSROPz%2Fnc4qkstuxGpP9UEqHTWzfoJgWdwrCVytVPKgcg5JlD2AKLK0VP9Y50vUhrzK%0AYznFI3lWZogKlSMggsXTyiAjIa8SmOMAZgffE9AwpH6j%0A-----END+CERTIFICATE-----&storage_cc=&sslserver=-----BEGIN+CERTIFICATE-----%0AMIIDgTCCAmmgAwIBAgIBCTANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf%0ABgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjUzNTVaFw0xNDAxMjEx%0ANjUzNTVaMC8xEjAQBgNVBAoTCXNpbGVudGRvbTEZMBcGA1UEAxMQZjE2LXBraS50ZXN0LmNvbTCC%0AASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPF9stoOHBgXEccTA0EZL9uupiAy67TU%2FNpb%0AWhQeIxoFNVYpOwh2kscQmMoO6bSWyesX%2Bki9LkXTUQxR5guCrhfFnl6DWMdHxsECBx3GKxwHSP5T%0ASs99TBX295EhcI%2BjyeD6dTn3NLDLCwQn8ZyEJFDJrAa%2BDwjiPvDqmHg%2BQ3FrEOdO1A7O3r7kKYgZ%0AD02s99xqkkAoLXTg0ohXidYD0VlHMDvNLxWBAB4m7hiQQasw8ZtdaI0oBpWQ8dpJRSvpWW9CmP1C%0AILAilqrEqs6UjipRU%2B7cBzNqtBJAMGq1M10upuOGXKvcTUEm69FrQXOYZ9n9f5M0ZnTQR2dUQDlz%0ANV0CAwEAAaOBnzCBnDAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjBABggrBgEFBQcB%0AAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9mMTYtcGtpLnRlc3QuY29tOjkxODAvY2Evb2NzcDAO%0ABgNVHQ8BAf8EBAMCBPAwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDAN%0ABgkqhkiG9w0BAQ0FAAOCAQEALc3dDx7pGzxMNvALNIzxy6aK4n0xNNf%2Bye7J8N%2FS4dpNogOOSs6Q%0AMpZ%2F7o1hDUpDC8yi8NCZC4M0OmNl5JQ0we0InwjTaRgfK64a5w2wzAya8uq1DGsKznIbAlyTlyHY%0AxqqcGnfoMSmmh5twP2bv9ZILfHmUneUB44KOVAtrvtyQjKXq4YqZ30BWiAXoKHGgew0fBIhE0VbX%0AkXYsx4u5hsVPvXB6ILclaSfBDXWpadBN92od%2F%2BUuqNYxalTWip9WSgP1xM4BAuAI2fcTU0p6OtmS%0AWmpnOav8eKflesgMnfDEd%2FiNBY4mk7tJ%2Fs6Iw3dtKmodPTJFU9k1qfQF5M2HKQ%3D%3D%0A-----END+CERTIFICATE-----&sslserver_cc=&audit_signing=-----BEGIN+CERTIFICATE-----%0AMIIDYzCCAkugAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA3MRIwEAYDVQQKEwlzaWxlbnRkb20xITAf%0ABgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1jYTAeFw0xMjAyMDExNjU0MDdaFw0xNDAxMjEx%0ANjU0MDdaMDwxEjAQBgNVBAoTCXNpbGVudGRvbTEmMCQGA1UEAxMdRFJNIEF1ZGl0IFNpZ25pbmcg%0AQ2VydGlmaWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdjqZUpgwNPIcoN9fI%0AiGe9M86IEZ7SVDsgx9ymwsOKCCBRsOD5VSH5SSQK%2FUlPi%2FlebpOPqnht3SYjkRlQZK1BvBpzAq9H%0A0PJJscAlbjoxzNZvVrcnBJ9rLc9FfI%2F4nlXJ7M6wAzWaoXqQw2Bs%2BxKeqZWxoD6pvlRVVhTEyeZe%0Aqgd9dW7%2B1fPT9RdiUVN%2Bw0oQ9%2Bun57nj8MBzRJ1Lp6bBdxvz0V%2BU2%2B4Q7KCvBOj1jHWs08QW8S9L%0AtS1sCWtp6%2FJYzFcsx5SejULapGRZi4kWtP5d46KmK2x2KVIqCdeO2caxqMUGODlHm6zcwqo8%2FbKI%0AWTREmYiFTXHby896nzHDAgMBAAGjdTBzMB8GA1UdIwQYMBaAFEOs9jCROrWHDKLUryphbeXnYeIa%0AMEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL2YxNi1wa2kudGVzdC5jb206OTE4%0AMC9jYS9vY3NwMA4GA1UdDwEB%2FwQEAwIGwDANBgkqhkiG9w0BAQ0FAAOCAQEAlOSVDyu0%2Fzs2w%2F1W%0ACn7LghUpNyEKKNRnz3KfAWnO1zxZJyuRvfX1V28Mq6%2BeXW%2BaUCcPKA6LEKGuKnLfPPYE2WbThsNd%0AbdRXEB%2FfQaiKGOJwBKObb498W6j7IXWkESsTNddr%2BAlRpnAYIXcsyAvZLtM3x%2BYUPdUYmTc0nyjM%0AdDllObQfRz48KdtBP8OG%2Bwjmy5PT%2BY1lE1npkt43aUovbBTNGP5jgLaW9NXo8HHjxCk2ijmgHnKG%0ApYByqE7LC%2Bh2YmpudSE6IlOpUgy8SNdnuAc9KD1Z9kDhaaZZEyVdLlAp3DgkPrBSiC3lRFUG6315%0A%2FT7FlBhOCX2r0wzCp0yrFw%3D%3D%0A-----END+CERTIFICATE-----&audit_signing_cc=
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:54:31 GMT
RESPONSE HEADER: Connection: close
admin/console/config/backupkeycertpanel.vm
success
16
Export Keys and Certificates
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
checked
11
DRM Setup Wizard
backupkeys
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=11&op=next&xml=true&choice=backupkey&__pwd=testpwd&__pwdagain=redhat
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:54:56 GMT
RESPONSE HEADER: Connection: close
admin/console/config/savepkcs12panel.vm
kra
success
16
Save Keys and Certificates
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
DRM Setup Wizard
12
savepk12
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/savepkcs12?
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/x-pkcs12
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:55:01 GMT
RESPONSE HEADER: Connection: close
Decoded PFX
Version: 3
AuthSafes has 2 SafeContents
Sleeping for 5 secs..
CRYPTO INIT WITH CERTDB:/var/tmp/testdb
Crypto manager already initialized
Debug : initialize crypto Manager
INITIALIZATION ERROR: org.mozilla.jss.crypto.AlreadyInitializedException
cdir = /var/tmp/testdb
Debug : before getInstance
Debug : before get token
Debug : before login password
Debug : after login password
64-bit osutil library loaded
CRMF_REQUEST = MIIByjCCAcYwggG6AgEBMIIBsYABAqWBhTCBgjESMBAGA1UEChMJc2lsZW50ZG9t
MSUwIwYJKoZIhvcNAQkBFhZwa2kta3JhLWFkbWluQHRlc3QuY29tMRUwEwYKCZIm
iZPyLGQBARMFYWRtaW4xLjAsBgNVBAMTJUtSQSBBZG1pbmlzdHJhdG9yIG9mIElu
c3RhbmNlIHBraS1rcmGmggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2
Yzp5OUuXNHeVHkTvGLaW7FsqzvyJp12lnBTn9tx+IeUvM01fIeYqvqontQlKX0y7
RKHDPcIQ0UW2hOddOykasFJcEO+rquCUd+PjadMdUYGsFcuRBtz37LQeMxcJjpdi
8hg/n/nW0jHQhNIVdq9OLsyvs7xOkX2Cci6Lo5q5/dqvQWmAPY4QpWa6/Cuu56BA
vIXdhrlXcxWhW/3XAUQWd0qP6Iuv1OZjglTk8qtWVv5MmItf1efvylczSfJEPoT7
NAylH9cYzPiXdnHm5k4qNHsar7i1sjO58FrHwvywKnOCdb6mw1mWZ81gByvScRKL
TNTRPh2OaIz6CHf/P7sPAgMBAAEwAKIGgAQDAAMA
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=13&op=next&xml=true&cert_request_type=crmf&uid=admin&name=admin&__pwd=testpwd&__admin_password_again=redhat&profileId=caAdminCert&email=pki-kra-admin%40test.com&cert_request=MIIByjCCAcYwggG6AgEBMIIBsYABAqWBhTCBgjESMBAGA1UEChMJc2lsZW50ZG9t%0D%0AMSUwIwYJKoZIhvcNAQkBFhZwa2kta3JhLWFkbWluQHRlc3QuY29tMRUwEwYKCZIm%0D%0AiZPyLGQBARMFYWRtaW4xLjAsBgNVBAMTJUtSQSBBZG1pbmlzdHJhdG9yIG9mIElu%0D%0Ac3RhbmNlIHBraS1rcmGmggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2%0D%0AYzp5OUuXNHeVHkTvGLaW7FsqzvyJp12lnBTn9tx%2BIeUvM01fIeYqvqontQlKX0y7%0D%0ARKHDPcIQ0UW2hOddOykasFJcEO%2BrquCUd%2BPjadMdUYGsFcuRBtz37LQeMxcJjpdi%0D%0A8hg%2Fn%2FnW0jHQhNIVdq9OLsyvs7xOkX2Cci6Lo5q5%2FdqvQWmAPY4QpWa6%2FCuu56BA%0D%0AvIXdhrlXcxWhW%2F3XAUQWd0qP6Iuv1OZjglTk8qtWVv5MmItf1efvylczSfJEPoT7%0D%0ANAylH9cYzPiXdnHm5k4qNHsar7i1sjO58FrHwvywKnOCdb6mw1mWZ81gByvScRKL%0D%0ATNTRPh2OaIz6CHf%2FP7sPAgMBAAEwAKIGgAQDAAMA&subject=cn%3DKRA+Administrator+of+Instance+pki-kra%2Cuid%3Dadmin%2Ce%3Dpki-kra-admin%40test.com%2Co%3Dsilentdom&clone=new&import=true&securitydomain=silentdom
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:55:12 GMT
RESPONSE HEADER: Connection: close
admin/console/config/importadmincertpanel.vm
testpwd
false
9445
testpwd
sdca
success
c
pki-kra-admin@test.com
admin
16
f16-pki.test.com
Import Administrator's Certificate
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
14
DRM Setup Wizard
true
importadmincertpanel
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:9445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:9445//ca/admin/ca/getBySerial?serialNumber=c&importCert=true
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/x-x509-user-cert
RESPONSE HEADER: Content-Length: 1942
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:55:18 GMT
RESPONSE HEADER: Connection: keep-alive
Imported Cert=MIIHkgYJKoZIhvcNAQcCoIIHgzCCB38CAQExADAPBgkqhkiG9w0BBwGgAgQAoIIH
YzCCA8swggKzoAMCAQICAQwwDQYJKoZIhvcNAQENBQAwNzESMBAGA1UEChMJc2ls
ZW50ZG9tMSEwHwYDVQQDExhDZXJ0aWZpY2F0ZSBBdXRob3JpdHktY2EwHhcNMTIw
MjAxMTY1NTExWhcNMTMwMTMxMTY1NTExWjCBgjESMBAGA1UEChMJc2lsZW50ZG9t
MSUwIwYJKoZIhvcNAQkBFhZwa2kta3JhLWFkbWluQHRlc3QuY29tMRUwEwYKCZIm
iZPyLGQBARMFYWRtaW4xLjAsBgNVBAMTJUtSQSBBZG1pbmlzdHJhdG9yIG9mIElu
c3RhbmNlIHBraS1rcmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2
Yzp5OUuXNHeVHkTvGLaW7FsqzvyJp12lnBTn9tx+IeUvM01fIeYqvqontQlKX0y7
RKHDPcIQ0UW2hOddOykasFJcEO+rquCUd+PjadMdUYGsFcuRBtz37LQeMxcJjpdi
8hg/n/nW0jHQhNIVdq9OLsyvs7xOkX2Cci6Lo5q5/dqvQWmAPY4QpWa6/Cuu56BA
vIXdhrlXcxWhW/3XAUQWd0qP6Iuv1OZjglTk8qtWVv5MmItf1efvylczSfJEPoT7
NAylH9cYzPiXdnHm5k4qNHsar7i1sjO58FrHwvywKnOCdb6mw1mWZ81gByvScRKL
TNTRPh2OaIz6CHf/P7sPAgMBAAGjgZUwgZIwHwYDVR0jBBgwFoAUQ6z2MJE6tYcM
otSvKmFt5edh4howQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8v
ZjE2LXBraS50ZXN0LmNvbTo5MTgwL2NhL29jc3AwDgYDVR0PAQH/BAQDAgTwMB0G
A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQ0FAAOCAQEA
MrVnKdA6ZuZm8GThvCYqJIHTBCkppfJmGu64vI0kdapPzXEt4yxifftvkGtMrzTn
F0rPgzd0WDApSaC31FDGQsh5TsyCDlzwFHj3tBBB3E0EaBmluEjpqDF0AKqTWsL5
Vk7R9iYfpxsAm9rZPYZfESoLa4LpXtexKUwpflMRdq5m1JYyF1KKd7Trwr6uZTjg
w2w/wNrUExpZRTw4J5LMSah3uV+Jr3F8vO/1jHn7I1Wq2NS906tEFOEXnyWuvpK1
XEuxpW1QWnzSeILImpBlwXeMQ8y2hq9C6bOkibF40ncAprWr3lg7g/1AcvWuVJo6
GYwJbWVDv8niyxCXicPXQjCCA5AwggJ4oAMCAQICAQEwDQYJKoZIhvcNAQENBQAw
NzESMBAGA1UEChMJc2lsZW50ZG9tMSEwHwYDVQQDExhDZXJ0aWZpY2F0ZSBBdXRo
b3JpdHktY2EwHhcNMTIwMjAxMTQyMjEyWhcNMjAwMjAxMTQyMjEyWjA3MRIwEAYD
VQQKEwlzaWxlbnRkb20xITAfBgNVBAMTGENlcnRpZmljYXRlIEF1dGhvcml0eS1j
YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOHVye0oVlu/Rgz4k28J
X7J0gmHn5XCRJFYJhYudto8S4IWD6+Vj5mXD3eCL+1MIdr+bg4Zt3YY1ehShT7kb
dOnhd14dc5T8ouorn+6IYmUiE9pXWqVMaF/6sNJeZmgglKwS+IyU4/QJa2CiwtVH
Gyd00Isf+md111yWaOb5+7yxSQCtyu1lIsuV1evbaKhl1tfGWNS9bzSg8fEu27yS
SQ2/MQOrOG/GAmUaZj/bMePNrKEn3TaDGtPxt46TnJZJPdxU+vGDz4jH/H5ijU1r
GkMpGgtakmKtuVe3A3VIaNCRpliGZNL/s/P9WFURCVroRmKR/HjbFrDjA0w6YORh
ADMCAwEAAaOBpjCBozAfBgNVHSMEGDAWgBRDrPYwkTq1hwyi1K8qYW3l52HiGjAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQUQ6z2MJE6
tYcMotSvKmFt5edh4howQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRw
Oi8vZjE2LXBraS50ZXN0LmNvbTo5MTgwL2NhL29jc3AwDQYJKoZIhvcNAQENBQAD
ggEBAMQxKJTsHAA1tpjwhWdZ0KL8Gflnv1RJsAxnQA90SwesYjYxfmr7/8LJhGNL
QX2gH8Vd6XvHUhDF726nOQND5Y2HBRfShKuKHph0+NVdgao0KdzdysOZsV61pgOM
UqHCJxj1WQ2Wvk7F8tKEVGE1gLu/PJslFZ/VTgzY9vR1akSAd1xujrz/HiY2hFlk
MWRJvbdaUyyluBbTI6GMq+7DrTLEKe6KCCPashKheAr/5lZAn4JScM/2cMudCPBy
02YutofTydZcemaLLpb3xNzTiEVgYpSQhHZSfmF7sWVH5R0vh2ehgYpBpKqlKBdS
J4IKKEDVMzolPpZibmo0ghVtaOAxAA==
CRYPTO INIT WITH CERTDB:/var/tmp/testdb
Crypto manager already initialized
importCert string: importing with nickname: kra-agent
Already logged into to DB
SUCCESS: imported admin user cert
Sleeping for 5 secs..
#############################################
Attempting to connect to: f16-pki.test.com:10445
ERROR: unable to set ECC Cipher List
ERROR: Exception = org.mozilla.jss.ssl.SSLSocketException: Failed to enable cipher 0xc001
: (-12266) An unknown SSL cipher suite has been requested.
Connected.
Posting Query = https://f16-pki.test.com:10445//kra/admin/console/config/wizard?p=14&op=next&xml=true&caHost=f16-pki.test.com&caPort=9443
RESPONSE STATUS: HTTP/1.1 200 OK
RESPONSE HEADER: Server: Apache-Coyote/1.1
RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8
RESPONSE HEADER: Date: Wed, 01 Feb 2012 16:55:39 GMT
RESPONSE HEADER: Connection: close
10445
admin/console/config/donepanel.vm
/bin/systemctl
f16-pki.test.com
false
kra
sdca
pki-krad@pki-kra.service
success
16
Done
welcome
Welcome
module
Key Store
confighsmlogin
ConfigHSMLogin
securitydomain
Security Domain
securitydomain
Display Certificate Chain
subsystem
Subsystem Type
restorekeys
Import Keys and Certificates
databasepanel
Internal Database
sizepanel
Key Pairs
namepanel
Subject Names
certrequestpanel
Requests and Certificates
backupkeys
Export Keys and Certificates
savepk12
Save Keys and Certificates
adminpanel
Administrator
importadmincertpanel
Import Administrator's Certificate
donepanel
Done
false
15
DRM Setup Wizard
donepanel
1
Sleeping for 5 secs..
Certificate System - DRM Instance Configured
#######################################################################
[root@f16-pki silent-configure]#