Hi Cardona,
if you use "browser request" the keys are NOT generated by the CA put by the local browser. So the CA/RA never gets knowlegde of the private key.
If you want to provide an outside generated key you have to create a whole CSR and upload it via the "Server Request" as pkcs#10
If there is a need for inserting a public key by hand this is no big problem to implement but I dont see the sense here.
Oliver
Cardona, Kley wrote:
I just got OpenCA installed, and working. I have a question: are there
any provisions in OpenCA during a certificate request, for a user to
input a self generated public key? (Maybe one locally generated through
an applet), instead of the web server internally generating this key
pair automatically.
It appears to me that having the private keys kept by the web server breaks the spirit of PKI.
Thanks
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
-- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic Signature
