[Pki-devel] crmf Vs kegGen
Dhiva
dhiva at es.net
Mon Apr 21 17:07:37 UTC 2014
We have a Safenet token (known as eToken) with the private key and
certificate installed.
I need to renew the expired certificates without generating a new private
key( thats what we call as renewal). The problems is that certificate on
these Tokens were expired, so i cannot really use the 'renewal process'. Is
there a way i can use the 'expired' certificate for renewal.
I was not able to generate new CSR from the private key on the Token. I
tried 'openssl req' with PKCS11 engine option and not been successful.
I do have access to the old CSR in two forms:
- one set of requests were in crmf format.I was able to issue new
certificate for these requests.
- one set of requests were in keygen<
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen> format:
This i am not sure how can i make dogtag pki certificate profile to accept
it.
Appreciate your help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20140421/66cb2cb6/attachment.htm>
More information about the Pki-devel
mailing list