Supplied PFX Password Not Cached #2572
Replies: 4 comments
-
Look for the password at the store section, not at the top, which is the cache password. |
Beta Was this translation helpful? Give feedback.
-
Maybe my coffee hasn't kicked in yet, but I don't see anything within the "Show details for renewal" section that lists the specific PFX password we supplied: `- ----------------------------------------------------------------- Id: mXG-UsExxxxxxxxxxxxRgA Plugins ----------------------------------------------------------------- Source: Manual Orders -----------------------------------------------------------------` Is there something we're missing? The specific supplied pfx password should be cached and accessible, right? Or is there a method to get the renewal process to pass the specific password to a post-renewal script? When we try things that way, all we seem to get is the random password when using Thanks! |
Beta Was this translation helpful? Give feedback.
-
So from this information that you've shown, it doesn't seem that you've actually chosen a password. To get a .pfx with a chosen password you have to use the PfxFile store plugin: https://www.win-acme.com/reference/plugins/store/pfxfile |
Beta Was this translation helpful? Give feedback.
-
This is the manual command I tried: And this is the output from WACS after the process completed: Id: mXG-xxxxxxxxxxxxxxxxxxx Plugins ----------------------------------------------------------------- Source: Manual Orders -----------------------------------------------------------------` The password that is passed to the post-renewal PS1 script file is the one from the ".pfx password:" field. And we don't see any listing of the specific password we supplied in the command within the output from the WACS GUI. Are we missing something obvious? Is it not caching the specific password, but only the random one...? Thanks! |
Beta Was this translation helpful? Give feedback.
-
For certain instances, we have to supply a specific password to be used when creating the PFX cert. The overall cert request process seems to work just fine, and we can successfully use the specific password to view the contents of the obtained PFX cert (we just use an OpenSSL .exe command against the .pfx file to quick verify things).
However, we cannot find the specific password within the cache on the device after it was originally obtained. When we explore using the GUI all we see is what we assume is the built-in random password:
This was on 64-bit Windows Server 2022 using version 2.2.5.1541 of the WACS client.
Our assumption is that the ".pfx password:" field would contain our specific password so that we could retrieve it at a later date if needed. Is this a bug where the incorrect password is getting cached...?
Beta Was this translation helpful? Give feedback.
All reactions