> 4. Configure each serverX to accept client certificates
> issued by old-groupX-cert OR new-groupX-cert (most server
> software can be configured with a list of valid
> client-cert-issuers and the SSL protocol supports that).
More or less that's the way to go.
That's what I've come up with (yet
Jakob,
thanks for your reply.
> most server
> software can be configured with a list of valid
> client-cert-issuers and the SSL protocol supports that
I didn't know this is possible. I'll start researching in this direction
immediately as this sounds like the solution to the problem.
Thanks a
Hi!
My root-cert will expire in a few months. I'm now planning a migration
to renew the certificates. The goal is to ensure a seamless migration
without loss of service by updating the servers and clients certificates.
Currently I'm lacking a plan how to do the migration. The problem is
that I ca
Is there a command line option for openssl to just verify a password for
a key?
I thought I could use a line in a script like:
echo Please enter password for key
read $passwd
if openssl verifypassword -in MyKeyFile.pem -password "$passwd"; then
echo Password OK
else
echo wrong password
exit
f
Hi!
I probably have a very basic question, but I need to describe my problem
in detail to make sure everybody understands what I'm seeking for,
because I may not possibly use the correct terminology. I want to have
this kind of organizational structure (OU = Organizational Unit):
Root-CA
|
+-
