My crl path is a https link to the server itself (which cause some problems sometimes :-)
Is there a way to change the CRL-path for the further generated certs without invalidating the existing certs?
Something like rewrite the x509 file and resign it with the old, existing, not losted and valid private key.
You cannot invalidating existing certs by issuing other certs. I can recommend you two solutions in your situation:
1. issue the new certificates with a changed CDP (this don't solve the problems with the already issued certs)
2. issue a new certificate for your web server which hosts the CDP. The new cert for the webserver should include a http CDP. This should solve your problems.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
