Re: How to renew a Cert generated by my own CA
I was following the thread to know more, but then I'm back to begining. If you find another solution, please let me know... Cheers. On Sun, 2002-06-09 at 10:02, Daniel Sutcliffe wrote: > However, my certificates have now started to expire and I am > getting warning dialogs from my apps. Not really a big deal as > all the secured services are private and are still usable, but it > is annoying. I have searched for a way to renew the existing > certs and read through the openssl ca man page several times but > I just can't work out what I'm supposed to do. I did find one > page that seemed to suggest that I revoke my expired certificates > and then resign the CSRs but this doesn't seem right to me. I guess revoking the expired and then resigning the CSR is the "proper" way to do things, at least I could not find instructions for doing it any other way. So that's what I did. If anyone's interested I got instructions from the SSL Certificates HOWTO that is part of the Linux Documentation Project: http://tldp.org/HOWTO/SSL-Certificates-HOWTO/ Hope this info can help someone else, cheers
Re: How to renew a Cert generated by my own CA
Daniel Sutcliffe wrote: > I have only just subscribed to this list so I apologise if I don't > follow protocol. I thought this would be easy but my Web searches > have led to nothing and I can't find a archive for this list :-( Still haven't managed to find a searchable archive of this list. Is there one out there? [snip] > However, my certificates have now started to expire and I am > getting warning dialogs from my apps. Not really a big deal as > all the secured services are private and are still usable, but it > is annoying. I have searched for a way to renew the existing > certs and read through the openssl ca man page several times but > I just can't work out what I'm supposed to do. I did find one > page that seemed to suggest that I revoke my expired certificates > and then resign the CSRs but this doesn't seem right to me. I guess revoking the expired and then resigning the CSR is the "proper" way to do things, at least I could not find instructions for doing it any other way. So that's what I did. If anyone's interested I got instructions from the SSL Certificates HOWTO that is part of the Linux Documentation Project: http://tldp.org/HOWTO/SSL-Certificates-HOWTO/ Hope this info can help someone else, cheers /dan -- Daniel Sutcliffe <[EMAIL PROTECTED]> __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
How to renew a Cert generated by my own CA
I have only just subscribed to this list so I apologise if I don't follow protocol. I thought this would be easy but my Web searches have led to nothing and I can't find a archive for this list :-( I have had my own CA for a little over a year now (key point). This has been done using openssl and the clues from Ralf's mod_ssl FAQ (including the sign.sh script from the mod_ssl distrib). All works fine and I have used the certificates for HTTPS and IMAPS on my intranet and for some personal services over the Internet ... No problems. However, my certificates have now started to expire and I am getting warning dialogs from my apps. Not really a big deal as all the secured services are private and are still usable, but it is annoying. I have searched for a way to renew the existing certs and read through the openssl ca man page several times but I just can't work out what I'm supposed to do. I did find one page that seemed to suggest that I revoke my expired certificates and then resign the CSRs but this doesn't seem right to me. Hopefully someone has a quick explanation, I can't imagine this is that complicated I'm just feeling really dumb at the moment. TIA for any help /dan -- Daniel Sutcliffe <[EMAIL PROTECTED]> __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
