Mark H. Wood wrote:
> Further, it won't be a trust root until it's distributed and the
> recipients are satisfied that it is legitimate. And I think that's
> the real question:
>
> When my CA's certificate expires, can I update it without having to
> deliver copies securely to everyone who i
On Wed, Oct 17, 2007 at 08:34:56PM -0700, Jim Fox wrote:
>
> This was a certificate authority certificate. As such, the renewal has to
> have
> the same key and DN as the original in order to continue being a CA
> for previously signed certificates.
Further, it won't be a trust root until it's d
Hodie XVI Kal. Nov. MMVII est, Jim Fox scripsit:
>
> This was a certificate authority certificate. As such, the renewal has to
> have
> the same key and DN as the original in order to continue being a CA
> for previously signed certificates.
You don't have to keep the same key, you just have to
> > "Is it possible to extend the expiry of this certificate
> > without changing any other fields in the certificate?"
> >
> > to which it seems that the answer is
> >
> > "Yes",
>
> How could the answer be anything other than yes?
All too easily. Because as you ourself point out, such a change
This was a certificate authority certificate. As such, the renewal
has to have
the same key and DN as the original in order to continue being a CA
for previously signed certificates.
Jim
On Oct 17, 2007, at 5:54 PM, David Schwartz wrote:
It seems to me that the OP is indeed asking somet
> It seems to me that the OP is indeed asking something else entirely
> different from the question which you yourself seem to have posed and
> then immediately failed to answer. He's asking
>
> "Is it possible to extend the expiry of this certificate without
> changing any other fields in the ce
On Wed, Oct 17, 2007 at 09:49:15PM +0100, G.W. Haywood wrote:
> "Is it possible to extend the expiry of this certificate without
> changing any other fields in the certificate?"
>
> to which it seems that the answer is
>
> "Yes",
Actually it is "no", because the certificate needs a new signatur
Yes. Thats what I was trying to ask. So, how can I change the expiry date of
an existing certificate without changing any other field ? Is there any
openssl command that I may use ?
On 10/17/07, G.W. Haywood <[EMAIL PROTECTED]> wrote:
>
> Hi there,
>
> On Wed, 17 Oct 2007, David Schwartz wrote:
>
Hi there,
On Wed, 17 Oct 2007, David Schwartz wrote:
> The OP wrote:
>
> > I have a private CA certificate created using openssl command line.
> > The issue is that the certificate expires on 19th Oct, 2007.
> > The question is that "Is it possible to extend the expiry of this
> > certificate wit
> I have a private CA certificate created using openssl command line.
> The issue is that the certificate expires on 19th Oct, 2007.
> The question is that "Is it possible to extend the expiry of this
> certificate without changing any other fields in the certificate?"
> Basically, I want to conti
10 matches
Mail list logo
