Oliver: Thanks for the response.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Oliver Welter Sent: Wednesday, June 30, 2004 11:14 PM To: [EMAIL PROTECTED] Subject: Re: [Openca-Users] certificate request mechanism Hi Cardona, if you use "browser request" the keys are NOT generated by the CA put by the local browser. So the CA/RA never gets knowlegde of the private key. If you want to provide an outside generated key you have to create a whole CSR and upload it via the "Server Request" as pkcs#10 If there is a need for inserting a public key by hand this is no big problem to implement but I dont see the sense here. Oliver Cardona, Kley wrote: > I just got OpenCA installed, and working. I have a question: are there > any provisions in OpenCA during a certificate request, for a user to > input a self generated public key? (Maybe one locally generated through > an applet), instead of the web server internally generating this key > pair automatically. > > It appears to me that having the private keys kept by the web server > breaks the spirit of PKI. > > Thanks > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Openca-Users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/openca-users -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72 ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
