Roman - 2013-08-28

I haven't found options for this in EJBCA. Maybe it is hidden somewhere.

The purpose of it is that if we want to limit the number of issued certificates for end entity than we can set a limiting number in the end entity profile or somewhere else.

Typical scenario looks like this:
1. Create end entity EE1
2. Limit number of issued certificates for EE1 to 2
3. EE1 is able to get 2 valid certificates for his profile
4. EE1 is able to renew these 2 certificates independently
5. EE1 is not able to have more than 2 valid certificates at any time

I know that there is an option to set the number of allowed requests. But it is not applicable because we would like to have number of valid certificates and end entity would be able to renew these valid number as it wants. But if the end entity request new certificate, this will not be allowed.

Is this possible or is there a workaround how to achieve it?