[clug] Certificate authority re-signing

Paul Wayper paulway at mabula.net
Tue Jan 18 18:37:38 MST 2011

 Hi all, 
 I've got a puzzle at work which I hope someone knows about. I've 
found it a bit difficult to google and a lack of familiarity with 
openssl's CA tools makes it harder. To put it this way: 
 Is there any point in keeping old certificate signing requests about 
for the situation where we have a disaster with the old CA and have to 
resign everything with a new CA? Can we generate new certificates 
based purely on the PEM info of the old certificates? Or does the 
question make no sense? 
 Thanks in advance, 

More information about the linux mailing list