Hi James,
the default workflows disallow reusing a private key which is pretty
much what the message tries to tell you, the location where this key is
already used should be visible from the WebUI.
This behaviour can only be changed by modifing the workflows as we
consider this an elemental feature for security so there is no "flag" to
turn this off.
regards
Oliver
On 07.05.24 15:51, James B. Byrne via OpenXPKI-users wrote:
I have an existing host with an existing private key: 2016002C.key
I generated a new csr from the private key:
openssl req -new -key 2016002C.key -out 2016002C_20240507.csr
head -5 2016002C_20240507.csr
-----BEGIN CERTIFICATE REQUEST-----
MIIFLDCCAxQCAQAwgcExCzAJBgNVBAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMREw
DwYDVQQHDAhIYW1pbHRvbjEdMBsGA1UECgwUSGFydGUgJiBMeW5lIExpbWl0ZWQx
IDAeBgNVBAsMF05ldHdvcmtlZCBEYXRhIFNlcnZpY2VzMSEwHwYDVQQDDBhvcGVu
eHBraS0zLmhhcnRlLWx5bmUuY2ExKTAnBgkqhkiG9w0BCQEWGmNlcnRpZmljYXRl
When I paste the entire .csr into openxpki webui I get this error:
The uploaded key was found to be used already by another certificate request
but it is not allowed to certify the same key twice.
1. What uploaded key does this message refer?
2. What specific series of events causes this message to be issued?
3. What am I misapprehending with respect to issuing certificates for existing
hosts?
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
