how to update expired server certificate of Netscape Certificate Management System (CMS) 4.2
--------------------------------------------------------------------------------------------
stop certificate server!
[http@baghdadic config]$ pwd
/servers/netscape/cms42/cert-certificate/config
[http@baghdadic config]$ ls -al cert7.db key3.db
[http@baghdadic config]$ /servers/netscape/cms42/bin/cert/tools/certutil -L -d . -n "Server-Cert cert-unimacq"
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2971 (0xb9b)
Signature Algorithm: PKCS #1 MD5 With RSA Encryption
Issuer: OU=Certificate Authority, O=The University of Macquarie, C=AU
Validity:
Not Before: Sun Mar 28 14:00:00 2004
Not After: Mon Mar 28 14:00:00 2005
Subject: CN=certificate.unimacq.edu.au, OU=Information Technology Services, O=The University of Macquarie, C=AU
...
generate certificate request, issue the new certificate, delete old certificate in the origital
cer7.db file (not the one generated certificate request, make a backup).
[http@baghdadic config]$ /servers/netscape/cms42/bin/cert/tools/certutil -D -d . -n "Server-Cert cert-unimacq"
add new certificate:
[http@baghdadic config]$ /servers/netscape/cms42/bin/cert/tools/certutil -A -d . -n "Server-Cert cert-unimacq" -t "u,u,u" -i certificate.unimacq.edu.au-expired-on-20070413.crt
Enter Password or Pin for "Communicator Certificate DB":
...
[http@baghdadic test]$ ../../../bin/cert/tools/certutil -L -d . -n "Server-Cert cert-unimacq"
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3117 (0xc2d)
Signature Algorithm: PKCS #1 MD5 With RSA Encryption
Issuer: OU=Certificate Authority, O=The University of Macquarie, C=AU
Validity:
Not Before: Wed Apr 13 12:02:28 2005
Not After: Fri Apr 13 12:02:28 2007
Subject: CN=certificate.unimacq.edu.au, OU=Information Technology Services, O=The University of Macquarie, C=AU
start certificate server!
|