[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: changing the expiration of a certificate

* martin f krafft (madduck@debian.org) [021125 11:29]:
> when i create certificates, they are usually not valid beyond
> 6 months. so after 6 months, i would like to renew them. i know i can
> reuse the key and original signing request, but when i sign them with
> my CA, they get new fingerprints. i am thinking that this is he
> desired result, but wondering whether i can extend the expiration on
> a certificate without changing the fingerprint?

A certificate is a signed public key.  The expiration date is associated
with the signature; the public key remains the same.  Since the data
being signed changes, the signature (and hence its fingerprint) must

good times,


Attachment: pgp1Ne54WkaP_.pgp
Description: PGP signature

Reply to: