Hi Michael,
in case of CA take a look here:
http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html
privacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.
The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.
Kind regards
CorneliusAm Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:
Sadly … yes
Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.
Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))
Michael
Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team?
Of course you will not run it with py-mange the same way you
will not
run linotp with the crappy old paster!
You will not need an init script, since it runs as a web
service.
Read
http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html
and here you will see the real killer feature, i.e.
you can run several independent instances of privacyIDEA on
one machine!
Kind regards
Cornelius
Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz:
> I checked the PIP stuff, but is this really usable for
productive
> usage?
> This seems to me like a virtual testing environment.
>
>
> Is there a init.script or will I have to start it always
via
> py-manage?
>
>
> When I think about a support team and teach it how stuff
works, they
> will kill me when they see a new thing like this :)
>
>
>
>
> Michael
>
> Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius
Kölbel:
> Hi Michael,
>
> I think there are also some other interesting
things, besides
> the
> mordern UI and the redesigned REST API like
>
> * assign tokens to machines
> * offline OTP
> * radius migration
> * event handler
> to name a few...
>
> Nevertheless, I am curious for your feedback.
>
> Kind regards
> Cornelius
>
> Am Montag, den 06.06.2016, 01:20 -0700 schrieb
Michael Muenz:
> > Cornelius,
> >
> >
> > Thanks for your fast reply! Until now I'm very
familiar with
> LinOTP
> > and it works pretty good with Debian 8, but your
new feature
> to manage
> > certificates could be a killer (for LinOTP).
> > I'll have a look at PIP and try to migrate some
accounts for
> testing.
> >
> >
> > Keep up with the good work!
> >
> >
> > Michael
> >
> > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
> > Hello Michael,
> >
> > I would recommend using pip with a
virtual
> environment.
> > Honestly I am also thinking about
switching packages
> to
> > virtual
> > environments. PIP installations are also
supported
> by the
> > enterprise
> > SLAs. So you can be sure, that this is no
dead end.
> >
> > The 14.04 packages have dependencies to
python
> modules. The
> > privacyidea
> > modules reside in the systems module
path.
> > Dependent modules are also taken from the
system.
> Which is
> > sometimes
> > difficult, due to version differences!
> > And with 16.04 there is also a naming
conflict in
> dependent
> > modules.
> >
> > So I am in fact thinking about having the
packages
> > (deb-packages)
> > containing self contained python virtual
envs.
> > The debian package and the RPM packages
already work
> this
> > way...
> >
> > So when updating your system with apt-get
the pip
> installed
> > self
> > contained privacyidea virtualenv will also
be
> updated.
> >
> > Kind regards
> > Cornelius
> >
> >
> > Am Montag, den 06.06.2016, 00:43 -0700 schrieb
> Michael Muenz:
> > > Hey guys,
> > >
> > >
> > > I'm a Debian guy and want to run the
software with
> the
> > latest Debian
> > > 8. The documentation tells me to use the
Ubuntu
> packages,
> > but I'm a
> > > bit afraid it this is a long term
solution?
> > > Also the packages are only available fot
Ubuntu
> LTS 14.4,
> > not the
> > > 16.4.
> > >
> > >
> > > So what is the best way for a mission
critical use
> with some
> > LTS type?
> > > Use of PiP? Use old LTS? Use Debian 7
and wait for
> a stable
> > Debian 8
> > > package?
> > > I don't like CentOS, so this is not a
real
> alternative for
> > me.
> > >
> > >
> > > Thanks!
> > > Michael
> > > --
> > > Please read the blog post about getting
help
> > >
https://www.privacyidea.org/getting-help/.
> > >
> > > For professional services and
consultancy
> regarding two
> > factor
> > > authentication please visit
> > >
>
https://netknights.it/en/leistungen/one-time-services/
> > >
> > > In an enterprise environment you should
get a
> SERVICE LEVEL
> > AGREEMENT
> > > which suites your needs for SECURITY,
AVAILABILITY
> and
> > LIABILITY:
> > >
> >
>
https://netknights.it/en/leistungen/service-level-agreements/
> > > ---
> > > You received this message because you
are
> subscribed to the
> > Google
> > > Groups "privacyidea" group.
> > > To unsubscribe from this group and stop
receiving
> emails
> > from it, send
> > > an email to
privacyidea...@googlegroups.com.
> > > To post to this group, send email to
> > priva...@googlegroups.com.
> > > Visit this group at
> >
https://groups.google.com/group/privacyidea.
> > > To view this discussion on the web
visit
> > >
> >
>
https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.
> > > For more options, visit
> https://groups.google.com/d/optout.
> >
> > --
> > Cornelius Kölbel
> > corneliu...@netknights.it
> > +49 151 2960 1417
> >
> > NetKnights GmbH
> > http://www.netknights.it
> > Landgraf-Karl-Str. 19, 34131 Kassel,
Germany
> > Tel: +49 561 3166797, Fax: +49 561
3166798
> >
> > Amtsgericht Kassel, HRB 16405
> > Geschäftsführer: Cornelius Kölbel
> >
> >
> > --
> > Please read the blog post about getting help
> > https://www.privacyidea.org/getting-help/.
> >
> > For professional services and consultancy
regarding two
> factor
> > authentication please visit
> >
https://netknights.it/en/leistungen/one-time-services/
> >
> > In an enterprise environment you should get a
SERVICE LEVEL
> AGREEMENT
> > which suites your needs for SECURITY, AVAILABILITY
and
> LIABILITY:
> >
>
https://netknights.it/en/leistungen/service-level-agreements/
> > ---
> > You received this message because you are
subscribed to the
> Google
> > Groups "privacyidea" group.
> > To unsubscribe from this group and stop receiving
emails
> from it, send
> > an email to privacyidea...@googlegroups.com.
> > To post to this group, send email to
> priva...@googlegroups.com.
> > Visit this group at
> https://groups.google.com/group/privacyidea.
> > To view this discussion on the web visit
> >
>
https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.
> > For more options, visit
https://groups.google.com/d/optout.
>
> --
> Cornelius Kölbel
> corneliu...@netknights.it
> +49 151 2960 1417
>
> NetKnights GmbH
> http://www.netknights.it
> Landgraf-Karl-Str. 19, 34131 Kassel, Germany
> Tel: +49 561 3166797, Fax: +49 561 3166798
>
> Amtsgericht Kassel, HRB 16405
> Geschäftsführer: Cornelius Kölbel
>
>
> --
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two
factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL
AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and
LIABILITY:
>
https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the
Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails
from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> Visit this group at
https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
–
Please read the blog post about getting help
Getting help – privacyID3A.
For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung
In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)