Massimiliano Pala wrote:
>
>
> If the CA certificate is simply expired you have 2 options:
>
> 1. Apply for a new certificate for the same key-pair
>
> 2. Generate a new key-pair and apply for a certificate to
> the up-level CA
>
> keep in mind that users' certificate expiration date should not exceed the
> CA's one.
Ok, but both of this cases imply re-issuing user certificates, even valid ones,
is it? Can these users keep their certs by issuing a pair of certificates
obtained by reciprocally sign old and new CA certificates?
Alex
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
