Hi Martin,
Let me put it this way, I have a smart card with a key pair in it - unknown to my OpenCA CA - and I like to certify this key pair with OpenCA, meaning without generating a new pair on the card. I can do this with the Microsoft certsrv (by selecting 'existing key pair') but I prefer to do this with OpenCA.
Regards,
Eddy
| Martin Bartosch <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 30/11/2005 13:26
|
To: [email protected] cc: Subject: Re: [Openca-Users] Howto certify an existing key pair |
Hi,
> Is it possible with OpenCA (as it is with Microsoft certsrv) to
> certify an existing key pair from the browser certificate store or
> from a smart card (so without generating a new key pair)?
OpenCA will refuse to accept the same public key in an incoming
certificate request, but it is possible to "renew" a certificate. In
this case, OpenCA generates a new certificate based on the existing
public key with the old certificate request data.
You should be able to pick up this renewed certificate via "get
requested certificate" and install it in the browser. It is also
possible to download the certificate manually and import it wherever
you like, including a SmartCard.
Hope this answers your question.
cheers
Martin
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
