I didn't mean 'sign the certificate', but rather 'sign the certificate request'. Often, CA software expects a self signed certificate request as 'proof of possession' of the private key.
The reason seems to have been lost in time, but it seems everyone does it because everyone does it. On 7/18/2014 5:34 PM, Johnson, Douglas wrote: > Ken, > > Thanks for your reply. I think I will need a legacy key but I don't > think my device will need to sign the certificate. Actually, signing > is something I should look into further. > > Doug > > -----Original Message----- From: Ken Goldman > [mailto:[email protected]] Sent: Friday, July 18, 2014 12:35 PM To: > [email protected] Subject: Re: [TrouSerS-users] > tpm question > > - You need a legacy key if the key also has to sign. For example, do > you have to sign the certificate request? ------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
