Re: [Openca-Users] Renewal of CA certificate

[Diego de Felice]

I think renewing CA certificate with the same keys will not cause
problems. However I don't remember the procedure in the OpenCA
administration interface. Sorry

On 4/24/06, Jan Roesner <[EMAIL PROTECTED]> wrote:
> Hi Listusers,
>
> some month ago I setup openca for testing purposes and created a root
> certificate with a validity of exactly one year. I use that CA to enroll
> SSL Client certificates for certificate based user authentication
> against a Apache 2.0 Server. That works fantasticall well. Now the
> validity of my root Certificate ends and I dont want to completely reset
> the CA/RA.
>
> The question is : Is it possible to simply create a new certificate
> request from the existing root certificate, selfsing it, and install it
> as new root certificate?
> If yes :  I think I will have to install the new root certificate and
> the crl on my Apache, but will my old SSL Client certificates still be
> valid for authentification if I have two root certificates in my
> ca-bundle file containing the same subject?
>
> If this idea is possible, what is the easiest way to do that?
>

--
Diego de Felice


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid0709&bid&3057&dat1642
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users