[Openca-Users] wen CA changes of key.....

Mon, 15 Mar 2004 05:59:48 -0800 

Thanks to MICHAEL and all by responding me!    Now , MICHAEL , I have other
consultations: you would be able to tell me that steps I should do to
install in the same machine a new one CA....This is the file that use. ....
#!/bin/sh

PREFIX=$1
VER=0.9.1.1

if [ -z "${PREFIX}" ] ; then
      PREFIX=/usr/local/openca.${VER}
fi

./configure \
  --prefix=${PREFIX} \
  --with-httpd-host=xx.gov.ar \
  --with-engine=no \
  --with-httpd-user=apache \
  --with-httpd-group=apache \
   --with-openca-prefix=${PREFIX}/openca \
  --with-etc-prefix=${PREFIX}/openca/etc \
  --with-module-prefix=${PREFIX}/modules \
  --with-httpd-fs-prefix=/var/www/html \
  --with-cgi-fs-prefix=/var/www/cgi-bin \
  --with-ca-htdocs-fs-prefix=/var/www/html/ca \
  --with-ca-cgi-fs-prefix=/var/www/cgi-bin/ca \
  --with-ca_node-htdocs-fs-prefix=/var/www/html/ca_node \
  --with-ca_node-cgi-fs-prefix=/var/www/cgi-bin/ca_node \
  --with-ldap-htdocs-fs-prefix=/var/www/html/ldap \
  --with-ldap-cgi-fs-prefix=/var/www/cgi-bin/ldap \
  --with-web-host=xx.gov.ar \
  --with-ca-organization="XXX" \
  --with-ca-country=ar \
  --with-ca-locality=ba \
  --with-openssl-prefix=/usr/local/ssl \
  --with-hierarchy-level=ra \
  --with-ldap-port=389 \
  --with-ldap-root="cn=Manager,o=scba,c=ar" \
  --with-ldap-root-pwd="XXXX" \
  --enable-ocspd \
  --disable-db \
  --enable-dbi \
  --enable-rbac \
  --with-db-type=Pg \
  --with-db-name=openca \
  --with-db-host=ac.scba.gov.ar \
  --with-db-port=5432 \
  --with-db-user=openca \
  --with-db-passwd="WWWWWWW" \
  --with-service-mail-account="[EMAIL PROTECTED]" \
  --with-language=es_ES


In the case that the private key of the CA not this compromised, and the
period of validity of the certificate be finished ....in this case is
possible that be renewed the request of the certificate. ....?
 that happens with the certificates and with the crls. ...?

Changing or not the private key, according to what have happened, when the
certificate is signed for a CA external there is some recomendacion for such
cases?

The procedure to install a new one ca, is independent of the management of
the private key?  It is the same thing to have a private key generated with
the software Openca to have a private key generated with LUNA CA3?


Thanks for all!
PJ



-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to