[prev in list] [next in list] [prev in thread] [next in thread]
List: novell
Subject: Re: Old CA, New CA
From: Joe Doupnik <JRD () cc ! usu ! edu>
Date: 2004-10-25 23:57:29
Message-ID: 01LGGGYGF25K935OBV () cc ! usu ! edu
[Download RAW message or body]
>I had to recreate my CA last Christmas break, and all of my previous
>certificiates continue to work as they did before I recreated my CA.
>The only real confusion that happens is that sites that are using
>Certificates from the previous CA will need the previous CA
>imported/trusted, while the certificates you sign from the new one will
>need, you guessed it the new CA imported/trusted.
>
>
>
>George A. Raetzke, CNE
>Senior Systems Programmer
>Enterprise System Support
>Northern Illinois University
>DeKalb, IL 60115
>graetzke@niu.edu
>815-753-8549
-----------
True, and which leds me to do something logical about the muddle.
It is to create a home grown CA, on any machine; openssl will do that. Then
make other certs from that CA's authority. I see no reason to be tied to NW
and its fragile cert chain.
Joe D.
_______________________________________________
Novell mailing list
Novell@netlab1.usu.edu
http://netlab1.usu.edu/mailman/listinfo/novell
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic