> Aaron Galea wrote:
>
> Hi,
>
> I am not sure whether you require to generate two CAs for creating DSA and RSA
>certificates. The problem is that if I create the CA certificate and key file using
>RSA I would not be using the file containing the dsa parameters
> and may be it fails during signing of certificate requests.
>
> I am not sure about this, so any help would definitely clarify my ambiguities.
You may use a single CA for signing DSA and RSA certs -- you'll
have to manually check that the DSA params are ones you approve.
All certs should be signed w/the RSA CA Cert -- because it is
roughly 10 times faster to verify an RSA signature.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
