Can one configure the initial serial number somewhere in order to avoid reusing serials?
OPENCADIR/var/crypto/serial
This is the file where OpenSSL takes the next serial from on the CA.
What about the CRL distribution points? Should one introduce new CRL distribution URIs for the new CA? How could it be gracefully handled in LDAP?
You must have different CDPs for two CAs because you can only place the CRL from one CA on a CDP or do you know a web server which can send two files if you ask him for only one ;) The same thing with LDAP servers.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
