Hi,
we are currently testing version 12.3. We encountered some problems with CAPKI.
We want to use our own certificats and to separate them for agents and AE. The agent certificate should only be used to access the agent ServiceManager but not the AE. The AE (and their ServiceManagers in turn) should be able to access both the AE and the agents.
For this purpose, we have placed the Agent and AE certificates in the trusted folder of the Agent ServiceManager. Unfortunately, the ServiceManager only checks one of the two certificates at a time, so that you can either connect to the CLI of the agent or the server. But according to the
documentation this should work: "To enable certificate validation, you have to create a folder that contains all certificates that the component should consider as trusted".
Has anyone successfully used CAPKI with multiple trusted certificates?
Best Regards
Tim
------------------------------
Automation Evangelist
Fiducia & GAD IT AG
---
Mitglied des deutschsprachigen Automic-Anwendervereins FOKUS e.V.
Member of the German speaking Automic user association FOKUS e.V.
------------------------------