How can I revoke a cert with a conflicting serial number?

Posted: Fri Sep 03, 2021 3:12 pm
by alohaaaron
Hi, I have two servers and I've revoked a cert (serial #8) on Server A and I want to revoke, or at least prevent the user from logging in on Server B, but the cert doesn't exist.
* Can I copy the revoke statement from the index file on Server A and put it in the index file of Server B to revoke it?
* I have an existing valid entry on Server B that is using serial #8 but it has a different CN than the one I want to revoke. Will adding the revoke entry cause an issue with this other entry?
* If it will cause an issue can I change the serial number on the revoke statement and the serial number in the serial file to be greater values that don't conflict?
* Would it be a better solution to copy the pem and cert files to Server B and issue a revoke-all from there? The pem file would be 08.pem though unless I can change that if necessary?

Thanks!

Re: How can I revoke a cert with a conflicting serial number?

Posted: Sun Sep 05, 2021 9:47 pm
by TinCanTech
By the sound of it, you don't understand how a PKI works, you are in a mess and you want a quick fix.

I'll assume this is for work and offer my service: tincantech at protonmail dot com (Fees will apply)