[clug] Certificate authority re-signing
Alex Satrapa
grail at goldweb.com.au
Tue Jan 18 19:20:15 MST 2011
On 19/01/2011, at 12:37 , Paul Wayper wrote:
> Is there any point in keeping old certificate signing requests about
> for the situation where we have a disaster with the old CA and have to
> resign everything with a new CA?
Keeping a record of the requests means you know which certificates you need to re-sign when you get the new CA certificate. After all, the certificate requests are the best form of documentation - even better than some external database in which you're *supposed* to track certificates and requests and what not.
Alex
More information about the linux
mailing list