Exporting CSR Files

[root@agent3]# su -s /bin/bash - haf -c "haf-tool cert --server xx.xx.xx.xx --path /home/ca_server/  --user root --export --offload"
please enter passwd:
[transfer csr of daemon Success]
[transfer csr of haf_user Success]

After step 1 is performed, the CSR files of the daemon and haf_user are transferred to the corresponding issuing paths on the remote CA server. The prefix is the MAC address of the exported CSR file.

To obtain the MAC address, run ifconfig | grep ether | awk 'NR==1' | awk '{print $2}'. An example command output is 68:4x:xx:xx:xx:aa, and the character string after the colons (:) are deleted is the MAC address.

[root@agent3]# ll /home/ca_server/
total 32K
-rw------- 1 root root 1.5K Nov 17 09:07 8446fe73b2bbdaemon.csr
-rw-rw---- 1 root root 1.5K Nov 17 09:07 8446fe73b2bbhaf_user.csr
-rw-r--r-- 1 root root 1.7K Nov 17 10:24 ca.crt
-rw------- 1 root root 2.5K Nov 17 10:24 ca.key
drwxr-xr-x 5 root root 4.0K Nov 17 15:32 demoCA
-rw-r--r-- 1 root root  11K Nov 17 10:23 openssl.cnf

The script parameters are described as follows:

• ca_server_ip: IP address of the CA server for issuing certificates.
• ca_server_path: Certificate issuing path of the CA server.
• ca_server_user: User name for logging in to the CA server for issuing certificates.