On 2/16/2012 10:29 AM, T. Valent wrote:
4. Configure each serverX to accept client certificates
issued by old-groupX-cert OR new-groupX-cert (most server
software can be configured with a list of valid
client-cert-issuers and the SSL protocol supports that).
More or less that's the way to go.
T
> 4. Configure each serverX to accept client certificates
> issued by old-groupX-cert OR new-groupX-cert (most server
> software can be configured with a list of valid
> client-cert-issuers and the SSL protocol supports that).
More or less that's the way to go.
That's what I've come up with (yet
Jakob,
thanks for your reply.
> most server
> software can be configured with a list of valid
> client-cert-issuers and the SSL protocol supports that
I didn't know this is possible. I'll start researching in this direction
immediately as this sounds like the solution to the problem.
Thanks a
On 2/14/2012 1:09 PM, T. Valent wrote:
Hi!
My root-cert will expire in a few months. I'm now planning a migration
to renew the certificates. The goal is to ensure a seamless migration
without loss of service by updating the servers and clients certificates.
Currently I'm lacking a plan how to d
Hi!
My root-cert will expire in a few months. I'm now planning a migration
to renew the certificates. The goal is to ensure a seamless migration
without loss of service by updating the servers and clients certificates.
Currently I'm lacking a plan how to do the migration. The problem is
that I ca
