Hi Bob
> 1) the user has multiple certs with the same subject, but some certs map
> to different roles (evil IMHO).
But you can find this constellation in many "business" PKI. The identity
of an user (his name or employee number) is taken as the cn= to match
the local directory structure (eG.
Ulf Leichsenring wrote:
I understand your real concern is the ability to import the above two
certs (and their private keys) into another module, other than softoken.
I suggest you test that. To do so, you need to add another command
line argument to the pk12util lines above, the option "-h toke
> I understand your real concern is the ability to import the above two
> certs (and their private keys) into another module, other than softoken.
> I suggest you test that. To do so, you need to add another command
> line argument to the pk12util lines above, the option "-h tokenname"
> where tok
Ulf Leichsenring wrote:
> I tried the following with Softtoken as you asked. I created two
> keypairs/certificates and exported them to PKCS#12.
> Both certificates have set the "cn=Ulf Leichsenring" but have different
> keyUsages (keyEncryption vs. digitalSignature).
> The My-AUT-cert.p12 has a fr
4 matches
Mail list logo
