I have tested on my ca box, and it can't sign a new one with the same DN: It
still said find the same cert.
Should I change the OpenCA/stuff/index.txt file manually?
----- Original Message -----
From: Massimiliano Pala <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 05, 2001 11:51 PM
Subject: [openca-users:222] Re: How to renew a cert?
> Song Yi wrote:
> >
> > Hi,
>
> Hi,
>
> > Somebody told me that just resend the user's previous request stored
in
> > server, but I think CA can't sign two cert with the same DN!
> > So, how to renew a cert? Should I revoke the cert first?
>
> If the certificate is to be renewed then it should be expired. If the
previous
> certificate is expired than it is pretty legal to sign a new one with the
> same DN. If you want issue the new certificate before the expiration date
> of the old one you have to revoke it - but I don't think it is a good
policy
> as it is not needed.
>
> C'you,
>
> Massimiliano Pala ([EMAIL PROTECTED])
_________________________________________________________________
OpenCA - Users Support Mailing List [EMAIL PROTECTED]
