Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NDES method causes client crash #72

Closed
Beanow opened this issue Nov 6, 2017 · 5 comments · Fixed by #73
Closed

NDES method causes client crash #72

Beanow opened this issue Nov 6, 2017 · 5 comments · Fixed by #73
Labels
documentation help wanted

Comments

@Beanow
Copy link

Beanow commented Nov 6, 2017 

$ ./scepserver -port 8080

$ ./scepclient -private-key client.key -server-url=http://localhost:8080/scep \
	-ca-fingerprint="db951ccf2d38d7953836e785c4e709c5"
ts=2017-11-06T14:15:12.836066253Z level=info op=GetCACaps error=null took=2.282207ms
ts=2017-11-06T14:15:12.83829378Z level=info op=GetCACert error=null took=661.253µs
panic: runtime error: slice bounds out of range

goroutine 1 [running]:
main.findRecipients(0x7fff92e5029d, 0x20, 0xc42000e020, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xd0)
	/home/myuser/go/src/github.com/micromdm/scep/cmd/scepclient/scepclient.go:246 +0x28c
main.run(0x6ec6fb, 0x1, 0xc4200710c0, 0x9, 0x7fff92e5025b, 0xa, 0x800, 0xc4200710d0, 0xa, 0xc4200710e0, ...)
	/home/myuser/go/src/github.com/micromdm/scep/cmd/scepclient/scepclient.go:159 +0x1503
main.main()
	/home/myuser/go/src/github.com/micromdm/scep/cmd/scepclient/scepclient.go:333 +0x86f
@groob
Copy link
Member

groob commented Nov 6, 2017
edited
Loading

The NDES url is not /scep but /certsrv/mscep/

Also I know that I fixed the scep NDES issues in master, but don't think those changes are part of v1.0.0
Until there's a new release, you will have to build from source to get the scepclient changes that support NDES

See list of commits here: v1.0.0...master

Windows support was added here #43

@Beanow
Copy link
Author

Beanow commented Nov 6, 2017

Currently I am using the master branch for the client and server on linux.

There is no endpoint on /certsrv/mscep/.
Tried searching the code for this endpoint, but other than the readme it's nowhere to be found.

Meanwhile the /scep endpoint does seem to respond to the -ca-fingerprint flag.
For example:

$ ./scepclient -private-key client.key -server-url=http://localhost:8080/scep -ca-fingerprint="000aaaaa0000"
ts=2017-11-06T14:38:08.276833284Z level=info op=GetCACaps error=null took=707.031µs
ts=2017-11-06T14:38:08.277354296Z level=info op=GetCACert error=null took=155.411µs
could not find cert for md5 000aaaaa0000

@groob
Copy link
Member

groob commented Nov 6, 2017

There is no endpoint on /certsrv/mscep/

There is if you're pointing the scepclient to a NDES server not to scepserver from this repo.

What are you trying to accomplish?

@Beanow
Copy link
Author

Beanow commented Nov 6, 2017

Ah I see, I thought NDES was supposed to be served by scepserver from the readme.
Only testing the different endpoints to familiarize before using.

@groob
Copy link
Member

groob commented Nov 6, 2017

If you want to make the documentation clearer, consider sending a pull request to update the readme. 🙇

Beanow pushed a commit to Beanow/scep that referenced this issue Nov 6, 2017
Update README
8443f77 
- Include all CMD arguments from -help ironically not including -help.
- Move NDES instructions to the client usage section closes micromdm#72.
- Make extra clear NDES requests are not served by scepserver.
@Beanow Beanow mentioned this issue Nov 6, 2017
Merged
@groob groob closed this as completed in #73 Nov 11, 2017
groob pushed a commit that referenced this issue Nov 11, 2017
@groob
Update README (#73)
cced6af 
- Include all CMD arguments from -help ironically not including -help.
- Move NDES instructions to the client usage section closes #72.
- Make extra clear NDES requests are not served by scepserver.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation help wanted
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update README Beanow/scep
2 participants
@Beanow @groob