Differences

This shows you the differences between two versions of the page.

--- tutorial:adm:modules_crt [2019/04/26 04:32]
kopro [Revocation status list] fix list
+++ tutorial:adm:modules_crt [2019/09/02 08:20]
fiserp [How to create an authority on Windows]
@@ Line 9: / Line 9: @@
   * You need to install the **[[tutorial:adm:how_to_install_caw|CAW]]**.
-===== How to create an authority =====
+===== How to create an authority on Linux =====
 By clicking on the left menu on **Certificates** and then on **Authorities** is shown a table with certificate authorities. Click on **Add** button and a popup window is shown.
 {{ :tutorial:adm:ca_01.png |}}
@@ Line 24: / Line 24: @@
 {{ :undefined:001.png |}}
 {{ :undefined:002.png |}}
+===== How to create an authority on Windows =====
+<note important>On Windows, using diacritics in certificate/CSR DNs is currently not supported due to bug [[https://github.com/openssl/openssl/issues/8317|#8317]] in OpenSSL. This affects CRT module with CAW Windows driver. IdM handles this by stripping diacritics from certain strings before passing them to the CAW. On Linux, diacritics works fine.</note>
+The process of creating an authority on Windows is similar to the one on Linux but you need to have [[https://gitforwindows.org/|Git Bash]] installed. When creating the authority on Windows, we select the win-caw-driver. Then we just need to fill out one extra field:
+  * **Path to Git Bash** - This path leads to the bash.exe file in git\bin.
+An example of how we can configure the authority can be seen bellow:
+{{ :tutorial:adm:crt_win_01.png |}}
+{{ :tutorial:adm:crt_win_02.png |}}
+{{ :tutorial:adm:crt_win_03.png |}}
+Other than the extra field Path to Git Bash, the process is the same as on Linux.
 ===== Generate certificate in GUI =====