Menu
▾
▴
[Ejbca-develop] Renewing intermediate CA with sha2 signature algorithm (ejbca 4.0.16)
|
From: Ralf H. <rh...@hc...> - 2015-05-19 14:17:26
|
Hello, some weeks before i wrote about a sha fingerprint and was confused about it. Now i figured out that Chrome only allows sha2 signature algorithms in end entities AND its issuing intermediate certificates. So i now try to renew the internal Sub CA and issue with new sha2 signature algorithm. To avoid renewing all end entities (that already have sha2) i want to use the same key for the new CA Certificate. The problem is, that it is fixed issued with the SUBCA certificate profile that can not be edited to change the signature algorithm. So far i have one question: How can the existing SubCA Certificate be renewed using a customized cert profile? Thank you and regards Ralf |
