Re: PKI structure changes
- From: "Brian Komar" <brian.komar@xxxxxxxxxxxxxxxxx>
- Date: Fri, 28 Dec 2007 18:24:23 -0600
I would say the best way is to deploy the new, only keep the enterprise root CA around for revocation and publication of CRLs.
WHen its last certificate expires, wrip it out <G>
Brian
"C. Brice" <CBrice@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:93FE7F51-729E-46A6-AFDC-B5FB83D15641@xxxxxxxxxxxxxxxx
We've currently got a 1-tier PKI setup with an enterprise-root CA. I'd like
to move to a 3-tier - offline standalone root, offline standalone policy, and
an enterprise issuing. I can't find any docs to explain how to get there.
Do I need to tear down the existing to bring up the new one, or can they
exist side by side?
C. Brice
.
- Prev by Date: Re: Registry hack to disable password change
- Next by Date: Re: EFS Decryption - Lost Certificate
- Previous by thread: Re: Registry hack to disable password change
- Next by thread: Re: Someone got into my system
- Index(es):
