[clug] Certificate authority re-signing

Alex Satrapa grail at goldweb.com.au
Tue Jan 18 19:20:15 MST 2011

On 19/01/2011, at 12:37 , Paul Wayper wrote:

> Is there any point in keeping old certificate signing requests about 
> for the situation where we have a disaster with the old CA and have to 
> resign everything with a new CA?

Keeping a record of the requests means you know which certificates you need to re-sign when you get the new CA certificate.  After all, the certificate requests are the best form of documentation - even better than some external database in which you're *supposed* to track certificates and requests and what not.


More information about the linux mailing list