On Mon, Oct 31, 2011 at 11:56 AM, mallapadi niranjan < niranjan.as...@gmail.com> wrote:
> Hi all > > I would like to know how to renew a self singed CA (RootCA) certificate > through certutil. > > I followed the below procedure to create a self signed CA cert. > > $certutil -N -d . > > $certutil -S -d . -n "testCA" -s "CN=testCA,O=Example.COM,C=US" -t "CT,," > -x -2 -m 0000 -v 1 -t "CT,," > > <snip> > > $certutil -L -d . -n testCA > Certificate: > Data: > Version: 3 (0x2) > Serial Number: 0 (0x0) > Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption > Issuer: "CN=testCA,O=Example.COM,C=US" > Validity: > Not Before: Mon Oct 31 06:21:37 2011 > Not After : Thu Dec 01 06:21:37 2011 > Subject: "CN=testCA,O=Example.COM,C=US" > > </snip> > As you can see above the CA cert expires on Dec 01 2011, I would like to > know how to renew the above certificate > > In the case of SubCA's it seems to be fairly easy to renew the > Certificates by using the same Private key in the nss database by > specifying the > following option > > $certutil -d . -R -k "NSS Certificate DB:subCA" -s "cn=SubCA > Authority,o=Example.COM" -a -o example.req2.txt > > > But not sure how to proceed with RootCA getting expired. > > Any pointers on this would be helpful. > > Thanks > Niranjan > > > > > > Hi all Any pointers on the above would be helpful Thanks Niranjan -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
