Menu
▾
▴
Re: [Ejbca-develop] Renewing intermediate CA with sha2 signature algorithm (ejbca 4.0.16)
|
From: Tomas G. <to...@pr...> - 2015-05-19 15:00:11
|
There is a CLI command to change certificate profile of a CA. Regards, Tomas ----- Save time and money with an Enterprise support subscription. Please see www.primekey.se for more information. https://www.primekey.se/technologies/products-overview/ https://www.primekey.se/service-support/support/ On 2015-05-19 16:17, Ralf Hornik wrote: > Hello, > > some weeks before i wrote about a sha fingerprint and was confused about it. > Now i figured out that Chrome only allows sha2 signature algorithms in end > entities AND its issuing intermediate certificates. > > So i now try to renew the internal Sub CA and issue with new sha2 signature > algorithm. > To avoid renewing all end entities (that already have sha2) i want to use > the same key for the new CA Certificate. > > The problem is, that it is fixed issued with the SUBCA certificate profile > that can not be edited to change the signature algorithm. > > So far i have one question: How can the existing SubCA Certificate be > renewed using a customized cert profile? > Thank you and regards > > Ralf > > > > ------------------------------------------------------------------------------ > One dashboard for servers and applications across Physical-Virtual-Cloud > Widest out-of-the-box monitoring support with 50+ applications > Performance metrics, stats and reports that give you Actionable Insights > Deep dive visibility with transaction tracing using APM Insight. > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
