From: Dr. D. O'M. <Don...@cs...> - 2001-06-06 10:13:26
|
Are there not many cases where one would want to issue multiple certs with the same DN (and different serial numbers) e.g. seperate signing and encryption certs, re-issue of a cert that had been revoked etc. Is it only openssl that would need to be changed to allow this? Or is the way OpenCA does the indexing in the DBM file the crucial thing? Regards, Donal > -----Original Message----- > From: ope...@li... > [mailto:ope...@li...]On Behalf Of Michael > Bell > Sent: 05 June 2001 18:34 > To: ope...@li... > Subject: Re: [OpenCA-Devel] Multiple certs with same DN? > > > "Dr. Donal O'Mahony" schrieb: > > > > In the latest snapshot, is it possible to have multiple certs issued > > with the same DN - I guess the question must be answered for both the > > DBM and relational database versions > > Is this a query or a reported bug? > > The described behaviour should not be possible because OpenSSL blocks > this. OpenSSL doesn't allow identical DNs. OpenSSL manage this via a > file. > > This is not a question of the DB-backend. We try to detect such problems > on the RAserver if a request will be approved by an RAOperator. > > Regards Michael > ------------------------------------------------------------------ > ------------ > Michael Bell Email: mic...@we... > Humboldt-University of Berlin Email (work): > mic...@rz... > Unter den Linden 6 Tel.(work): +49 (0)30-2093 2482 > 10099 Berlin > Germany [OpenCA Core > Developer] > > http://openca.sourceforge.net |