Every year I crank out new Certificate Signing Requests to renew my Verisign certs. I am told that by doing so I am creating new server keypairs. That doesn't make sense to me (esp. since the server seems to keep working while I wait for the new cert from my CA). Am I right that generating a CSR (in this case, with Netscape Enterprise) does not in any way change the server keypair, but merely does something like create a signed x.509 cert + public key bundle? Or does creating the CSR actually make a new keypair??? Thanks, -Peter http://www.bastille-linux.org/ : working towards more secure Linux systems ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
