Re: changing the expiration of a certificate

To: debian users <debian-user@lists.debian.org>
Subject: Re: changing the expiration of a certificate
From: Vineet Kumar <debian-user@virtual.doorstop.net>
Date: Mon, 25 Nov 2002 12:00:15 -0800
Message-id: <[🔎] 20021125200015.GB2108@doorstop.net>
Mail-followup-to: debian users <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20021125192722.GA20052@fishbowl.madduck.net>
References: <[🔎] 20021125192722.GA20052@fishbowl.madduck.net>

* martin f krafft (madduck@debian.org) [021125 11:29]:
> when i create certificates, they are usually not valid beyond
> 6 months. so after 6 months, i would like to renew them. i know i can
> reuse the key and original signing request, but when i sign them with
> my CA, they get new fingerprints. i am thinking that this is he
> desired result, but wondering whether i can extend the expiration on
> a certificate without changing the fingerprint?

A certificate is a signed public key.  The expiration date is associated
with the signature; the public key remains the same.  Since the data
being signed changes, the signature (and hence its fingerprint) must
change.

good times,
Vineet

-- 
http://www.doorstop.net/
-- 
http://www.anti-dmca.org/

Attachment: pgp5daOiqO2KQ.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: changing the expiration of a certificate
  - From: martin f krafft <madduck@debian.org>

References:
- changing the expiration of a certificate
  - From: martin f krafft <madduck@debian.org>

Prev by Date: Re: kernel recompile
Next by Date: Re: ext2 vs ext3 vs xfs vs reiserfs
Previous by thread: changing the expiration of a certificate
Next by thread: Re: changing the expiration of a certificate
Index(es):
- Date
- Thread