Auto provisioning certificates

Agents, Protocols and APIs
1

So I’m setting up auto-provisioning in OR.

However, I am struggling with the certificates, I keep getting the message “certifcate invalid” over the provisioning topic.

I have created a CA and used it for the creation of a couple of client certificates with a unique id.
CA certificate → into the Manager ui Auto provisioning tab

publishing to provisioning/#unique_id#/request:

{
“type”: “x509”,
“cert”: “------#ca certificate#-----#client certificate with unique id in cn#------ ”
}

Since the tuturial says: “The cert field should be in PEM format and must contain the certificate chain up to and including the CA certificate registered within OpenRemote.”

I’ve tried it with both certificates and the client certificate only, without succes.

What am I missing here ?
Thanks in advance :slight_smile:

2

So I found my own solution here.

The challenge lies within formatting the .pem certificate chain in a one line json string format.

awk ‘NF {sub(/\r/, “”); printf “%s\n”,$0;}’ cert-name.pem

will result in the correct format :slight_smile:

https://docs.vmware.com/en/Unified-Access-Gateway/3.10/com.vmware.uag-310-deploy-config.doc/GUID-870AF51F-AB37-4D6C-B9F5-4BFEB18F11E9.html

3

Glad to hear you figured out a solution, JSON encoding can be a bit tricky. I will include a reference to formatting the PEM certificate in the wiki page. :slightly_smiling_face: