[prev in list] [next in list] [prev in thread] [next in thread]
List: packetfence-users
Subject: Re: [PacketFence-users] Revoking multiple PK-PKI certificates at a time
From: "Zammit, Ludovic via PacketFence-users" <packetfence-users () lists ! sourceforge ! net
Date: 2024-04-19 14:40:59
Message-ID: A4640FE0-2699-45FA-ABC9-DEFE9F0F6D6E () akamai ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello Will,
If you are NOT using OCSP, you can just remove the certificate using MySQL command \
within PF database.
If you are using OCSP you will need to provide the certificate ID in any way.
How many certs are we talking about?
Thanks,
Ludovic Zammit
Product Support Engineer Principal Lead
Cell: +1.613.670.8432
Akamai Technologies - Inverse
145 Broadway
Cambridge, MA 02142
Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> \
<https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> \
<http://www.linkedin.com/company/akamai-technologies> \
<http://www.youtube.com/user/akamaitechnologies?feature=results_main>
> On Apr 18, 2024, at 11:49 AM, Will Nygard via PacketFence-users \
> <packetfence-users@lists.sourceforge.net> wrote:
> Hi all,
>
> Does anyone know a way to revoke multiple PK-PKI certificates at once? I looked \
> around on the web and was unable to find a way to do this. So far, revoking one at \
> a time through the web console is working for me, as I'm just starting to implement \
> EAP-TLS, but once I scale up it would be very time consuming to revoke all at once. \
>
> The reason I need to revoke certificates en masse is to deal with an issue with \
> Jamf Pro SCEP integration, which I saw another user dealing with in this email. \
> https://urldefense.com/v3/__https://www.mail-archive.com/packetfence-users@lists.sou \
> rceforge.net/msg22151.html__;!!GjvTz_vk!RubQGmSHcWc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3yjFhEXBg$ \
>
> Any ideas?
>
> Thanks,
> Will N
> Systems and Network Administrator
>
>
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence \
> -users__;!!GjvTz_vk!RubQGmSHcWc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3z86Kdf0A$
>
[Attachment #5 (unknown)]
<html><head><meta http-equiv="content-type" content="text/html; \
charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: \
space; line-break: after-white-space;">Hello Will,<div><br></div><div>If you are NOT \
using OCSP, you can just remove the certificate using MySQL command within PF \
database.</div><div><br></div><div>If you are using OCSP you will need to provide the \
certificate ID in any way.</div><div><br></div><div>How many certs are we talking \
about?<br id="lineBreakAtBeginningOfMessage"><div>
<br>
Thanks,<br>
<br>
<table cellspacing="0" cellpadding="0" width="360" border="0" align="">
<tbody><tr>
<td colspan="3" valign="bottom" height="10" style="color:#0099cc; \
padding-left:0px; padding-bottom:6px; font-family:Arial, Helvetica, \
sans-serif;font-size:14px;"><strong>Ludovic Zammit</strong><br> <span \
style="color:#666666; font-size:12px;"><strong>Product Support Engineer Principal \
Lead</strong></span></td> </tr>
<tr>
<td colspan="3" valign="bottom" style="padding-bottom:6px;"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/2019/logo-no-tag-93x45.png"></td>
</tr>
<tr>
<td style="line-height: 2px; border-bottom: 1px solid #8f9194;" colspan="2" \
valign="top"></td> </tr>
<tr>
<td height="5" valign="top" style="padding-top:6px;"><font \
face="verdana,arial,geneva,helvetica,sans-serif" color="#333333" \
size="1"><strong>Cell:</strong> +1.613.670.8432<br></font></td> <td height="5" \
style="padding-top:6px;"><font face="verdana,arial,geneva,helvetica,sans-serif" \
color="#333333" size="1">Akamai Technologies - Inverse<br>145 Broadway<br>Cambridge, \
MA 02142<br></font></td> </tr>
<tr>
<td height="7" bgcolor="#ffffff" colspan="2" valign="top"></td>
</tr>
<tr>
<td width="148" height="5" valign="middle" style="padding-left:0px; padding-top: \
10px;font-family:Arial, Helvetica, sans-serif;color:#666666;">Connect with Us:</td> \
<td style="padding-left:1px; padding-top: 10px;" width="222" height="5"> <a \
href="https://community.akamai.com" target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/community.jpg" border="0" \
style="margin: 0 1px;"></a> <a href="http://blogs.akamai.com" target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/rss.png" border="0" \
style="margin: 0 1px;"></a> <a href="https://twitter.com/akamai" \
target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/twitter.png" border="0" \
style="margin: 0 1px;"></a> <a href="http://www.facebook.com/AkamaiTechnologies" \
target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/fb.png" border="0" \
style="margin: 0 1px;"></a> <a \
href="http://www.linkedin.com/company/akamai-technologies" target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/in.png" border="0" \
style="margin: 0 1px;"></a> <a \
href="http://www.youtube.com/user/akamaitechnologies?feature=results_main" \
target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/youtube.png" border="0" \
style="margin: 0 1px;"></a>
</td>
</tr>
</tbody></table>
</div>
<div><br><blockquote type="cite"><div>On Apr 18, 2024, at 11:49 AM, Will Nygard via \
PacketFence-users <packetfence-users@lists.sourceforge.net> wrote:</div><br \
class="Apple-interchange-newline"><div><div>Hi all,<br><br>Does anyone know a way to \
revoke multiple PK-PKI certificates at once? I looked around on the web and was \
unable to find a way to do this. So far, revoking one at a time through the web \
console is working for me, as I'm just starting to implement EAP-TLS, but once I \
scale up it would be very time consuming to revoke all at once. <br><br>The reason I \
need to revoke certificates en masse is to deal with an issue with Jamf Pro SCEP \
integration, which I saw another user dealing with in this email. \
https://urldefense.com/v3/__https://www.mail-archive.com/packetfence-users@lists.sourc \
eforge.net/msg22151.html__;!!GjvTz_vk!RubQGmSHcWc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3yjFhEXBg$ \
<br><br>Any ideas?<br><br>Thanks,<br>Will N<br>Systems and Network \
Administrator<br><br><br>_______________________________________________<br>PacketFence-users \
mailing list<br>PacketFence-users@lists.sourceforge.net<br>https://urldefense.com/v3/_ \
_https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!RubQGmSHc \
Wc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3z86Kdf0A$ \
<br></div></div></blockquote></div><br></div></body></html>
["smime.p7s" (smime.p7s)]
0� *H
��� 0���1�0
� `H�e������0� *H
����� 0�f0�� ������>���
��hS�����
0
��*H=���0?1!0���U�
��Akamai Technologies Inc.1�0���U����AkamaiCorpRoot-G10��
150604144607Z�
250604145607Z0<1!0���U�
��Akamai Technologies \
Inc.1�0���U����AkamaiClientCA0Y0���*H=����*H=����B��4��5�Zapo� \
�qb�X�uwhW$%o�:OH��0�0�� +����7�������0���U������1fM���
,�0��U� �00��*��N� ���00X��+�������0L�J�A�k�a�m�a�i� \
�C�e�r�t�i�f�i�c�a�t�e� �P�r�a�c�t�i�c�e� \
�S�t�a�t�e�m�e�n�t06��+��������*http://akamaicrl.akamai.com/AkamaiCPS.pdf�0U��U�%�N0L��+���������+��������
+����7����
+����7
���
+����7
����+���������+������ 0�� +����7�����
�S�u�b�C�A0���U�������0���U������0���0���U�#��0���Y�9M�W \
${0��U���y0w0u s \
q1http://akamaicrl.akamai.com/AkamaiCorpRoot-G1.crl<http://akamaicrl.dfw01.corp.akam \
ai.com/AkamaiCorpRoot-G1.crl0��+��������00-��+�����0�!http://akamaiocsp.akamai. \
com/ocsp0=��+�����0�1http://akamaicrl.akamai.com/AkamaiCorpRoot-G1.crt0H��+�����0�<http://akamaicrl.dfw01.corp.akamai.com/AkamaiCorpRoot-G1.crt0
��*H=����I�0F�!�Ž�B9i�GBKJi��d����!�\K0w�{|�}�6(|�g�*=B+0��0� \
�������� {���)Q��� {0 ��*H=���0<1!0���U�
��Akamai Technologies Inc.1�0���U����AkamaiClientCA0��
240221164515Z�
250604145607Z0P1�0���U����MacBook Pro-MD6P1�0���U����luzammi1!0�� *H
� ���luzammi@akamai.com0�"0
� *H
���������0�
����m(
,w3���g*~u�xry��樵�ϡ[]zypsB̏ԓ3eîJ 3Kۀ$�%; \
AZT`�nBcڛv��л� <)�,*3R`m
efr�_Ż"C4mr^: Ό˄?(Ĺ/
�.d�`=J��9\k���pwC68UݪoǿpmXg !r
x��Wp}J�C�������0�0���U�������0)��U�%�"0 ��+���������+��������
+����7
��0���U������Vvq{ϯ_sT8s�0F��U���?0= '�
+����7��� ���luzammi@corp.akamai.com�luzammi@akamai.com0���U�#��0��1fM���
,�0z��U���s0q0o m k.http://akamaicrl.akamai.com/AkamaiClientCA.crl9http://akamaicrl.dfw01.corp.akamai.com/AkamaiClientCA.crl0 \
��+��������00:��+�����0�.http://akamaicrl.akamai.com/AkamaiClientCA.crt0E��+����� \
0�9http://akamaicrl.dfw01.corp.akamai.com/AkamaiClientCA.crt0-��+�����0�!http://akam \
aiocsp.akamai.com/ocsp0;� +����7���.0,�$+����7��:-�!�I���d��S05� +����7�
�(0&0
��+�������0
��+�������0��
+����7
��0D� *H
� ��7050���*H
�����0���*H
�����0���+����0
��*H
��0
��*H=����G�0D� )D�
u�>hykqd� Yv�ݴ⏲I� m_Ic�K[K`�`WX3no-2A1�0����0S0<1!0���U�
��Akamai Technologies Inc.1�0���U����AkamaiClientCA���� {���)Q��� {0
� `H�e������ i0�� *H
� �1�� *H
���0�� *H
� �1��
240419144049Z0/� *H
� �1"� Ǚԧ�Fj}ms��ݦ�m�0
� *H
��������FYڷ�#%�>ms���H8Je(M==I0`S$%0 \
iGq\5A3U( \
-'B����b�M+�ߔ`͎rv,V�]�^�Zdi@Y)k2~\�EDzR \
�!ܮ�Xߩ4{�C,9�y.qEzh1|Q7ˍE ^ $,f��QK̝� �UO�K^O^[��
��1Ť������
[Attachment #7 (--===============6262623533815580725==)]
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic