Oli, yes I think this is the correct way to do what you want to do !! There is an RA interface screen to do exactly this. I am in the process of documenting the RA screens, and this is certinly my understanding !
Chris... On Friday 04 July 2003 10:02, Oliver Welter wrote: > Hi Baba, > > sorry I didnt make my question clear enough... > > I know about the theorie with keys and certs - but I am looking for the > pratical solution for renewing the certs when the scheduled lifetime (1 > year) is over.... > Because the Certs are "only" expired and the keys are still safe I just > want to refresh the timestamp on the certificate. So I think its enough > to simply re-sign the public key of the users keypair. > > I tried now to simply redo the Request (its stored in the database vor > each valid certificate) and it seems to work. Mozilla reasigns the cert > to the "old" keys and uses it together - I have to check Outlook now... > > Oli > > Babatunde A Jayeju-akinsiku wrote: > > Oliver > > this is going back to basics. if you need to renew the old certs, then > > you'll have to revoke the old ones, i don't think you need to regenerate > > the keys (at least in principles) unless of course the keys are > > compromised. > > > >>Baba > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Oliver > > Welter > > Sent: 04 July 2003 08:44 > > To: [EMAIL PROTECTED] > > Subject: [Openca-Users] Renew a Browser generated Certificate > > > > > > Hi Folks, > > > > > > BIIIG problem :P > > I have openca 0.9.1-1 running successfully and issued certificates to > > some people. We chose client-side key generation (using Mozilla 1.3/1.4 > > on Win/Linux and IE 5x/6) - now everybody has a kind of p12 File with > > his/her private Key and valid cert. > > What I am looking for: It is possible to renew the cert without changing > > the private key ?? How ??? Or must I create new keys every year this way > > and should use server-side key gen ? > > > > regards > > > > Oliver > > > > > > > > ------------------------------------------------------- > > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > > Data Reports, E-commerce, Portals, and Forums are available now. > > Download today and enter to win an XBOX or Visual Studio .NET. > > http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 > > _______________________________________________ > > Openca-Users mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/openca-users > > ------------------------------------------------------- > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > Data Reports, E-commerce, Portals, and Forums are available now. > Download today and enter to win an XBOX or Visual Studio .NET. > http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 > _______________________________________________ > Openca-Users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/openca-users ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
