Well again folks, thanks once more for your comprehensive help.
Larry Bugbee schrieb:
On Mar 24, 2008, at 9:28 AM, Andreas Grimmel wrote:
I found this command somewhere in a forum:
openssl x509 -in cacert-old.pem -days 1460 -out cacert-new.pem
-signkey private/cakey.pem
- in my
Hi,
in short I think in your -signkey command you need to add
-enddate.
* Andreas Grimmel wrote on Mon, Mar 24, 2008 at 17:28 +0100:
That depends on what you need to do by policy for renewal.
There is no such thing as technical renewal - there is only
policy based. Since this sounds like
Hello list,
let me say first that I'm not too deep into the secrets of openssl, I just like
it as being a stable, great-working software for all concerns of dealing with
encryption and especially x.509 certificates for my VPN connections,
webservers, and so on.
I got one big problem for now:
Hi Andreas:
Andreas Grimmel wrote:
Hello list,
snip
I got one big problem for now: My self-signed CA cert will expire in
about one month. I installed it 4 years ago and never minded about, but
now I have to renew it.
The Creation of a whole new CA and client certificates isn't possible
Hi Patrick,
thanks a lot for this whole lot of useful information. Now let me see if
I got you right:
Patrick Patterson schrieb:
snip
- First of all, is there any HowTo that deals not only with creaton, but
also with the renewal of self-signed CA certs in detail?
That depends on
On Mar 24, 2008, at 9:28 AM, Andreas Grimmel wrote:
I found this command somewhere in a forum:
openssl x509 -in cacert-old.pem -days 1460 -out cacert-new.pem -
signkey private/cakey.pem
- in my understanding, this command takes the old cert, changes the
validity to four more years (1460