Hi Oli,
Oliver Welter wrote:
I am currently working on the batch processor for revoking and renewal.
I have situations were a user re-request a new certificate with changed data during the lifetime. So I must revoke the "old" certificate when I issue an new one. From the "usability" point of view, I want to revoke the old one not prior the successful creation of the new one.
So the question was - if we can create a kind of dependency-logic in the batch system. A process gets a new entry "depends on: ...." and so it is executed only if this depending process is executed successful.
I think that is not such a good idea. It is much easier to change/create the post_proc script which can create a new process to revoke the old certificate. You can import every data you want into the cert process (e.g. OLD_CERT_SERIAL). The post_proc script can use this data to create a revocation process.
I think this way is simpler and cleaner but only an idea ...
Michael -- _______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
smime.p7s
Description: S/MIME Cryptographic Signature
