Hello there, I've tried to generate two certificates using Openssl (ca option) with the same DN and I haven't any problem (openssl doesn't give me either error or warning). I suppose this is because DN + serial number must be unique for each certificace signed by a certain CA. Is this correct? Thanks in advance Chelo El día Wed, 06 Oct 1999 22:06:24 +0200 Mario Fabiano escribió: > Openssl (if one uses the ca command) does not allow to generate a > certificate with an already active DN. How can I request a new > certificate (with a new key pair) for the same subject (same DN), before > the natural expiration of the old certificate? > > I have thought to use the UID, assigning a new UID for the new > certificate. I have however some doubts: > - Is this a good way to that? > - I read that the use of UID is deprecated; why? > - Does UID belong to DN or to CN (Ntscape seems to put it into CN)? > > Some other suggestions? > > > Thank you in advance. > > > > -- > Mario > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
