The CA was not created for this purpose as previously stated. There are
multitudes of certificate types, and you will also want some certificate
management as well. As far as being able to handle it, I think the
software itself could create useable PKCS certs, but that doesn't mean
youll be able to handle it :-) Have a look at RSA, Baltimore, or (choke)
Veri$ign. Digital signing and email encryption is too important to not
have a full blown CA solution backing it.
Frank
-----Original Message-----
From: Reinhard Stich [mailto:r.stich AT INTERNET-SECURITY DOT AT]
Sent: Monday, May 26, 2003 4:56 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Certifcates/Internal CA
hi,
even if there is a way to do that (I don't think so) I highly recommend
to
use a normal CA for that.
as the name says the ICA is *internal* and not built to handle hundreds
of
certificates.
cheers
reinhard
At 10:45 26.05.2003 +0200, you wrote:
>Hi everybody,
>
>is it possible to create user certificates on the Internal CA (ICA)
>located on the management server for other use then secuRemote
>(digitalSignature, dataEnciphment) like email encryption ? We plan to
>implement email encryption based on certificates and we have alreaddy
>established secuRemote authentication with certificates issued by the
>ICA. It would be nice to use this CA also to issue certificates for
>email encryption instead of using a seccond CA. But unfortunately I
>found no Checkpoint documentation regarding to that problem so I guess
>it is not possible ?!
>
>Olaf
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>fw-1-owner AT ts.checkpoint DOT com
>=================================================
--
Reinhard Stich, ASSIST R.Stich AT internet-security DOT at
Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33
Tel: +43 1 370 94 40 RS784-RIPE Fax: +43 1 370 94 40-10
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
