Hello Tamara,
the design criteria for OpenXPKI was that one realm is a container for
one logical ca. Mutliple CA certificates are interpreted as "CA
Rollovers" which makes it quite easy to replace your signer certs when
they are going to expire. If you want to have to different signers, you
should but them into two different realms.
Oliver
On 19.08.24 15:45, Tamara Nikolovska wrote:
Hallo list,
I am still in the learning phase of OpenXPKI, I am trying to adjust
OpenXPKI to our company's needs. So here is my case:
I have set a different realm for every business unit in our company.
In one of the realms I have 2 different ca-signer defined (2
Intermediate CAs) and when requesting an end entity certificate it
automatically gets signed by the last defined ca-signer. I would like
to be given an option to choose the ca-signer.
Not sure if changes need to be made in the workflow or the profile,
and certain fields added ... please advise.
Best,
--
Tamara Nikolovska.
---------------------------------
Linkedin: https://www.linkedin.com/in/tamara-nikolovska-55887b16a/
Skype: nikolovska.t...@outlook.com (skype name: _nikolovska.t_94_)
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
