We recently had a problem with our Verisign Intermediate CA Certificate. This link (https://www.verisign.com/support/site/caReplacement.html) points to how they said to fix the problem. Your case may be similar.
Florian Yanez Manager of Technical Systems Helzberg Diamond Shops, Inc. [EMAIL PROTECTED] 816-627-1253 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Rory Chisholm Sent: Tuesday, February 10, 2004 7:14 AM To: [EMAIL PROTECTED] Subject: Expired CA Certificate This isn't totally modssl related but maybe someone knows the answer. I'm using OpenSCEP with openssl. My CA Certificate has just expired. Now since our VPN sees very little use (only one important user) I'd like to re-issue the x509 CA certificate with the same key but different attributes (a later expiry date). Can this be done without re-generating every certificate ever issued from scratch ? The real question here is do x509 certificates that have been signed by a CA certificate store a hash of the CA certificate based solely on the CA's key or based on the full CA certificate including it's attributes ? Has anyone had any experience doing this ? Thanks for any help, Rory Chisholm ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]