Bug with key rollover?Hi Pawel,
the CA command has a '-preserveDN' commandline option. I did not check if
this option keeps the DN contents intact, but it's worth a try ;-)
See also:
http://www.openssl.org/docs/apps/ca.html#CA_OPTIONS
See also:
Groetjes/Greetinx,
Ger
----------------------------------------------------------------------------
Ger Hobbelt a.k.a. Insh_Allah mailto:[EMAIL PROTECTED]
----------------------------------------------------------------------------
You're a modern day Man,
You Chat, Email and ICQ whenever you can.
Me, I'm rather square,
I like to Talk to people anywhere.
'cause looking at her Eyes,
beats querty by far at 'Nice'.
----- Original Message -----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 19, 2001 10:52 AM
Subject: Bug with key rollover?
Hi all,
I'm trying to do root key rollover. Therefore I created two CA
certificates, and then I was trying to perform cross-certification.
Everything looks OK, but I noticed that DN is changed.
I used command
openssl ca -ss_cert cert_to_be_sign -config config_file_signing_ca -out
new_cert_file
>From the original DN, mysterious disappear field L.
The original DN has: CN, OU, O, L, S, C
And cert was issued to CA with DN: CN, OU, O, S, C
I'm wondering what has happend.
Pawel Krupinski
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
