From: Steve Lee (maillist_at_blitzen.net)
Date: Wed Jan 08 2003 - 18:30:06 CET
thanks..
that worked great.
On Wed, 8 Jan 2003, Andreas Steffen wrote:
> If you revoke a cert correctly then the corresponding entry in
> index.txt is market as revoked (Actually you could reinstate a
> cert by manually deleting the revocation date and status in
> index.txt and then generate a new CRL.
>
> OpenSSL requires that the subject DN of active certs be unique.
> Thus if you revoke a cert it is possible to generate and sign a
> new certificate with exactly the same DN as the previously revoked one.
> I have done this many times, so I know that it works.
>
> Regards
>
> Andreas
>
> Steve Lee wrote:
> > I was able to revoke a certificate that i created for
> > a laptop road warrior user. How would i reinstated that
> > user using openssl ?
> >
> > I didn't know how to reinstate that cert so i tried to
> > recreate a new key,pem,p12 files but when i tried to
> > sign to create a new cert, openssl said that there is
> > one already by that.
> >
> > thanks.
>
> =======================================================================
> Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
> strongSec GmbH home: http://www.strongsec.com
> Alter Zürichweg 20 phone: +41 1 730 80 64
> CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
> ==========================================[strong internet security]===
>
>
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users
>
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Thu Jan 09 2003 - 05:21:23 CET