[Pki-users] CRMF aka CMP format reader or howto get private key from crmf with proof of possesion

[John Magne]

Hopefully someone might know this one off the top of their head. I am spacing on this now.


----- Original Message -----
From: "Marcin Mierzejewski" <marcinmierzejewski1024 at gmail.com>
To: pki-users at redhat.com
Sent: Tuesday, October 27, 2015 4:20:49 AM
Subject: [Pki-users] CRMF aka CMP format reader or howto get private key from crmf with proof of possesion

I'm trying to generate new .p12 file for renewed certificate, becouse old version p12 file after that renewation has private key linked to certificate which is not the latest one(however keypair and all subject data are the same) 
What is my idea? 
- create "caManualRenewal" enrollment 
- read crmf from enrollment 
- get private key from crmf 
- approve renewal request 
- return new p12 file with new cert and this privkey to user 

It's even possible to do something like this? It makes sense to recreate that file or user can use old p12 file even after renewal? 


_______________________________________________
Pki-users mailing list
Pki-users at redhat.com
https://www.redhat.com/mailman/listinfo/pki-users