How to get tickets via PKINIT without .pem user cert ?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

How to get tickets via PKINIT without .pem user cert ?

Dorian Duc
This post has NOT been accepted by the mailing list yet.
Hello,

I want to get tickets via Heimdal PKINIT without create user.pem. I succeeded via MIT PKINIT.

With MIT, I can specify the cert id via pkinit_identities, like the following :

pkinit_identities = PKCS11:module_name=/usr/local/lib/pkcs11-spy.so:certid=be2aad08ffdcc09990104d400043ff010a00

But in the PKINIT Heimdal version I don't find the equivalent. I'd like to have the same behaviour because I don't want to generate the .pem user cert.

Do I miss something in the documentation or is it not possible to do PKINIT without generate the user.pem previously ?

Thanks

Dorian D