How to sign keys with intermediary CA?
Posted: Tue Apr 19, 2016 8:48 pm
I made my root CA a while ago, and then I made an intermediary CA.
I can then do one of two things which are easy and obvious.
1. ./pkitool --csr client1 (creating unsigned is not a problem)
2. ./pkitool --sign client1 (great for signing with the root CA; what i don't want to do)
What's not obvious.
I haven't found anyway in pkitool to specify which CA i want an unsigned key signed by.
Scouring google has also yielded nothing.
How to do?
I can then do one of two things which are easy and obvious.
1. ./pkitool --csr client1 (creating unsigned is not a problem)
2. ./pkitool --sign client1 (great for signing with the root CA; what i don't want to do)
What's not obvious.
I haven't found anyway in pkitool to specify which CA i want an unsigned key signed by.
Scouring google has also yielded nothing.
How to do?