[rs-users] mo_csr - how to send a csr over website

Frank Leprich f.leprich at finestwebs.net
Mon May 24 13:12:16 CEST 2021 

Hi all,

I am trying to send a csr against the mod_csr over a website.
I can not figure out the right textarea name like "subject-*" (nid).

my form:
<form action="http://localhost/csr" method="post">
<input type="hidden" name="pkcs10" id="pkcs10" value="" />
<textarea name="subject-CN" rows="30" cols="64"></textarea>
<input type="submit">
</form>

my request:
-----BEGIN CERTIFICATE REQUEST-----
MIICYDCCAUgCAQAwGzELMAkGA1UEBhMCREUxDDAKBgNVBAMMA2ZkYjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKGdu5R6nvNFjyHpSknQnolKfRH0a4oe
uSlk3tnUM1klymbhyL3zKZ4/4us8S4xeE0HhQBpIm/NsFamIJLjZtt87cM/dAZff
HYfjLC97j/aWgTT3DJNyiSakZv8f35QcQPRO6KDH5kKP13+CI+4NIeOQ9GgAcaMz
LTHfWxBQ0uJwsk5Qr18yt+TWwuqewQid0LEPUrtKbbpwvrMHeBtBD8G7kB1GVvXB
iULODfU5QT1Aj0qnrDYEOWCICqLl3/1W4mzOME1bXfoNKpbp3mwp77u5Wguu5fBj
r7UIG5RmngdWcFfuVEWmZEP9Ekk983i/FU+iGrGYPSHpbw+q+b53PWkCAwEAAaAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCS62J8vrJaqaMDbsZSbrrSnU9gc3jYgaYcVRRH
oAu3hSA7jwSR3sTeGi3LZy53Uo1+sd0YgfBTf3+waobg0JyCI7lBaRyKSEbTBXV2
UreLFE13ZRfr98lvswWj3wMEOerduhe/ugd98NCL+2jf0QcC3n1K8agsLhb2sDp0
hKF+WNs4EqPhDxJgzfhDFzh4cYW20l9jMLA1Bhr4IVuInqYBc4OwNFMSSXAv29rb
YDqAYlQVxZ8slWda7eazaWdYEu+uclaBGOOsaZgToQS+T+CVaUYx/b25hlA+7PLb
qdVjQ3DzPwnChpdPV3WSgoDHEF2v1GudjnEadvxUsnq1NIow
-----END CERTIFICATE REQUEST-----

my apache conf:
<IfModule mod_ca_simple.c>
   CASimpleCertificate /etc/pki/ca/ca-root.pem
   CASimpleKey /etc/pki/ca/ca-root.key.pub
   CASimpleTime on
   CASimpleSerialRandom on
</IfModule>

<IfModule mod_ca_disk.c>
   CADiskCertificateSignRequestPath /etc/pki/ca/certs/
   CADiskCertificateByTransactionPath /etc/pki/ca/certs/
</IfModule>

<IfModule mod_ca_crl.c>
   CACRLCertificateRevocationList /etc/pki/ca/crl-root.pem
</IfModule>

<IfModule mod_crl.c>
<Location /crl>
   SetHandler crl
   CrlEncoding der
</Location>
</IfModule>

<IfModule mod_csr.c>
   <Location /csr>
     SetHandler csr
     # use subject from the certificate sign request unmodified
     CsrSubjectRequest *
   </Location>
</IfModule>

<Location /ocsp>
   SetHandler ocsp
   OcspSigningCertificate /etc/pki/ca/ocsp.pem
   OcspSigningKey /etc/pki/ca/ocsp.key
</Location>
</IfModule>

<IfModule mod_timestamp.c>
<Location /tsa>
   SetHandler timestamp
   TimestampSigningCertificate /etc/pki/ca/tsa.pem
   TimestampSigningKey /etc/pki/ca/tsa.key
   TimestampDigest SHA256
   TimestampDefaultPolicy 0.4.0.2023.1.1
   TimestampTsaName on
   TimestampClockPrecisionDigits 0
   CASimpleSerialRandom on
   CASimpleTime on
</Location>
</IfModule>

ocsp and timestamp just work fine.

thanks for your help in advance.

Frank
-- 
Frank Leprich
Carl-Blechen-Str. 1
03226 Vetschau

More information about the rs-users mailing list