Robert Hannemann schrieb:
>
> Michael Bell wrote:
> >
> > "Dr. Donal O'Mahony" schrieb:
> > >
> > > Are there not many cases where one would want to issue multiple certs
> > > with the same DN (and different serial numbers) e.g. seperate signing
> > > and encryption certs, re-issue of a cert that had been revoked etc.
> >
> > OpenSSL supports re-issue of a cert after the revocation of this cert.
> > If you have seperate keys for encryption and signing then you must have
> > different DNs if you use openssl and we use openssl.
> >
>
> You can generate multiple certificates with the same DN in it with
> OpenSSL (this is
> a need in many Government offices where a person needs multiple
> certificates
> for signing and encryption) and this person has only one DN (the Person
> Entrie in the Directory).
> You can store as many certifiactes as you want in this Entrie because
> the
> Attribut is multivalued.
This is LDAP not OpenSSL! OpenSSL checks the index-file because OpenSSL
enforces unique DNs.
Regards michael
----------------------------------------------------------------------------
Michael Bell Email: [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email (work):
[EMAIL PROTECTED]
Humboldt-University of Berlin Tel.(work): +49 (0)30-2093 2482
Unter den Linden 6 Fax.(work): +49 (0)30-2093 2959
10099 Berlin
Germany [OpenCA Core
Developer]
http://openca.sourceforge.net
Kryptographische Unterschrift mit S/MIME
