Hi Michael,
in case of CA take a look here:
http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html
privacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.
The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.
Kind regards
CorneliusAm Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:
Sadly … yes 
Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.
Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))
Michael
Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team? 
Of course you will not run it with py-mange the same way you
will not
run linotp with the crappy old paster!
You will not need an init script, since it runs as a web
service.
Read
http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html
and here you will see the real killer feature, i.e.
you can run several independent instances of privacyIDEA on
one machine!
Kind regards
Cornelius
Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz:
> I checked the PIP stuff, but is this really usable for
productive
> usage?
> This seems to me like a virtual testing environment.
>
>
> Is there a init.script or will I have to start it always
via
> py-manage?
>
>
> When I think about a support team and teach it how stuff
works, they
> will kill me when they see a new thing like this :)
>
>
>
>
> Michael
>
> Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius
Kölbel:
> Hi Michael,
>
> I think there are also some other interesting
things, besides
> the
> mordern UI and the redesigned REST API like
>
> * assign tokens to machines
> * offline OTP
> * radius migration
> * event handler
> to name a few...
>
> Nevertheless, I am curious for your feedback.
>
> Kind regards
> Cornelius
>
> Am Montag, den 06.06.2016, 01:20 -0700 schrieb
Michael Muenz:
> > Cornelius,
> >
> >
> > Thanks for your fast reply! Until now I'm very
familiar with
> LinOTP
> > and it works pretty good with Debian 8, but your
new feature
> to manage
> > certificates could be a killer (for LinOTP).
> > I'll have a look at PIP and try to migrate some
accounts for
> testing.
> >
> >
> > Keep up with the good work!
> >
> >
> > Michael
> >
> > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
> > Hello Michael,
> >
> > I would recommend using pip with a
virtual
> environment.
> > Honestly I am also thinking about
switching packages
> to
> > virtual
> > environments. PIP installations are also
supported
> by the
> > enterprise
> > SLAs. So you can be sure, that this is no
dead end.
> >
> > The 14.04 packages have dependencies to
python
> modules. The
> > privacyidea
> > modules reside in the systems module
path.
> > Dependent modules are also taken from the
system.
> Which is
> > sometimes
> > difficult, due to version differences!
> > And with 16.04 there is also a naming
conflict in
> dependent
> > modules.
> >
> > So I am in fact thinking about having the
packages
> > (deb-packages)
> > containing self contained python virtual
envs.
> > The debian package and the RPM packages
already work
> this
> > way...
> >
> > So when updating your system with apt-get
the pip
> installed
> > self
> > contained privacyidea virtualenv will also
be
> updated.
> >
> > Kind regards
> > Cornelius
> >
> >
> > Am Montag, den 06.06.2016, 00:43 -0700 schrieb
> Michael Muenz:
> > > Hey guys,
> > >
> > >
> > > I'm a Debian guy and want to run the
software with
> the
> > latest Debian
> > > 8. The documentation tells me to use the
Ubuntu
> packages,
> > but I'm a
> > > bit afraid it this is a long term
solution?
> > > Also the packages are only available fot
Ubuntu
> LTS 14.4,
> > not the
> > > 16.4.
> > >
> > >
> > > So what is the best way for a mission
critical use
> with some
> > LTS type?
> > > Use of PiP? Use old LTS? Use Debian 7
and wait for
> a stable
> > Debian 8
> > > package?
> > > I don't like CentOS, so this is not a
real
> alternative for
> > me.
> > >
> > >
> > > Thanks!
> > > Michael
> > > --
> > > Please read the blog post about getting
help
> > >
https://www.privacyidea.org/getting-help/.
> > >
> > > For professional services and
consultancy
> regarding two
> > factor
> > > authentication please visit
> > >
>
https://netknights.it/en/leistungen/one-time-services/
> > >
> > > In an enterprise environment you should
get a
> SERVICE LEVEL
> > AGREEMENT
> > > which suites your needs for SECURITY,
AVAILABILITY
> and
> > LIABILITY:
> > >
> >
>
https://netknights.it/en/leistungen/service-level-agreements/
> > > ---
> > > You received this message because you
are
> subscribed to the
> > Google
> > > Groups "privacyidea" group.
> > > To unsubscribe from this group and stop
receiving
> emails
> > from it, send
> > > an email to
privacyidea...@googlegroups.com.
> > > To post to this group, send email to
> > priva...@googlegroups.com.
> > > Visit this group at
> >
https://groups.google.com/group/privacyidea.
> > > To view this discussion on the web
visit
> > >
> >
>
https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.
> > > For more options, visit
> https://groups.google.com/d/optout.
> >
> > --
> > Cornelius Kölbel
> > corneliu...@netknights.it
> > +49 151 2960 1417
> >
> > NetKnights GmbH
> > http://www.netknights.it
> > Landgraf-Karl-Str. 19, 34131 Kassel,
Germany
> > Tel: +49 561 3166797, Fax: +49 561
3166798
> >
> > Amtsgericht Kassel, HRB 16405
> > Geschäftsführer: Cornelius Kölbel
> >
> >
> > --
> > Please read the blog post about getting help
> > https://www.privacyidea.org/getting-help/.
> >
> > For professional services and consultancy
regarding two
> factor
> > authentication please visit
> >
https://netknights.it/en/leistungen/one-time-services/
> >
> > In an enterprise environment you should get a
SERVICE LEVEL
> AGREEMENT
> > which suites your needs for SECURITY, AVAILABILITY
and
> LIABILITY:
> >
>
https://netknights.it/en/leistungen/service-level-agreements/
> > ---
> > You received this message because you are
subscribed to the
> Google
> > Groups "privacyidea" group.
> > To unsubscribe from this group and stop receiving
emails
> from it, send
> > an email to privacyidea...@googlegroups.com.
> > To post to this group, send email to
> priva...@googlegroups.com.
> > Visit this group at
> https://groups.google.com/group/privacyidea.
> > To view this discussion on the web visit
> >
>
https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.
> > For more options, visit
https://groups.google.com/d/optout.
>
> --
> Cornelius Kölbel
> corneliu...@netknights.it
> +49 151 2960 1417
>
> NetKnights GmbH
> http://www.netknights.it
> Landgraf-Karl-Str. 19, 34131 Kassel, Germany
> Tel: +49 561 3166797, Fax: +49 561 3166798
>
> Amtsgericht Kassel, HRB 16405
> Geschäftsführer: Cornelius Kölbel
>
>
> --
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two
factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL
AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and
LIABILITY:
>
https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the
Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails
from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> Visit this group at
https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
–
Please read the blog post about getting help
https://www.privacyidea.org/getting-help/.
For professional services and consultancy regarding two factor
authentication please visit
https://netknights.it/en/leistungen/one-time-services/
In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
https://netknights.it/en/leistungen/service-level-agreements/
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)