Hi Oliver,
Oliver Welter wrote:
No . you have not understod the system o a real CA....
The normal workflow is as follows:
* User requests his certificate
* User goes to the RA-Officer, he approves the request by signing the
request with his certificate (this is the RA Operator Certificate)
* The approved requests (signatur == approval) are transfered to the CA
* The CA Operator signs the requests with the Certificate of the Root-CA
* The certificates are transfered back to RA and published
Oliver
Ok, so far it's clear. But if you have a look at public certificate
chains, there exist so called "intermediate ca's" ... I thought the ra
would be one. That an ra-officer needs to check the request and needs to
check if the requester is really the requester ... I understand that
very well :o) !
But there's one question left. What about the ra-operator certificate ?
I generated it, when I initialized the ca. But when I want to install it
on the ra-machine, its not possible .... I mentioned this behaviour
before. If I try to download the certificate, its not the ra-operators
one that is shown, but the last user certificate that was issued. How do
I get the ra-operators certificate in my browser on the ra machine ?
Thx in advance.
Jan Roesner
[EMAIL PROTECTED]
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server.
Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
