lampa <lampa2...@gmail.com> wrote: > I want to know the process of renewing the certificate , I want to > understand not only the operation of RA operator and Users ,but > also the OpenCA How to deal with the request.
OpenCA simply creates a copy of the archived request with a new serial number. However this breaks the RA signature. The next steps are the same as issuing any other certificate... Renewing a valid certificate (IMHO) does not need a complete verification process, since the old request has already been approved. The only thing to check might be if the certificate is still needed (or paid for). If so, you can renew the request and issue the new certificate. The only problem could be, that the approver's (RA)certificate has expired, or been revoked meanwhile, since there is no (automatic) check, whether the approvers certificate was valid at time of signatiure. (Max?) Ralf ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
