Hi all,
We are using NGX R60 HFA-03 with IPSO 3.9. Our VPN
users are authenticating via certificates using MS ADS
and MS Certificate Services of Windows 2003
Server(RootCA and SubCA).
Now we should change for some reasons the CDP (CRL
Distribution Path) of the SubCA. During the migration
timeframe it would be great if we can have both
SubCA's as objects in SmartDashboard (first SubCA with
the old CDP, second SubCA with the new CDP). This way
the users can use both vpn certificates to
authenticate during the migration.
But when we are creating the second SubCA (with the
new CDP) SmartDashboard does present an error like:
"Same Distinguished Name already installed for another
CA: SubCA" (i.e. the orignial SubCA with the old CDP).
So the question is if one can have 2 Certificate
Authority objects with the same DN but with different
CDP's in their CA-certificates.
If not: Do you know if this is planned in a next
release?
Thanks!
Best Regards,
Janis
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
