Good morning Martin,
big thx for your work. Took some time to integrate but works well now.
Martin Bartosch wrote:
It's not that complicated. Try the attached patches in lib/cmds
and add the keyword
AllowPublicKeyReuse "YES"
in your etc/servers/ra.conf.template. Don't forget to re-run
configure-etc.sh
Completely untested, but might work. Of course you have to accept
and understand the security implications of reusing keys and
issuing multiple certs for one key pair, which may be worth thinking
about even with SmartCards.
You are right. Should be only a fool who does'nt complain about a
keypair used twice. I myself - when I started to operate on TCOS2.0 -
wondered why the guys at TeleSec did not implement a keygeneration just
like on "known" pkcs#11 cards. And since I'm working together with a
party developing a "well known" CSP as part of a M$ software I was
really confused about the fact that they wanted to implement a feature
to store an externally generated private key on the TCOS cards. But they
canceled that part of the plan. So I have to live with what I have.
Many thx for your help again.
cheers
Martin
Greets
Jan Roesner
[EMAIL PROTECTED]
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
