Quote: |
Q1. Do I have to migrate both off line and online ones? |
Quote: |
Q2. Which one should I start with? |
Quote: |
Q3. Can I do the migration myself or do I have to refere to the third party? |
Quote: |
Q4. What are the risks of the migration? |
Quote: |
Should I do any special configuration or installation to the HSM |
Quote: |
What should I do with the old CA? |
Quote: |
I mean for configuring the HSM, this information should be provided through the vendor, right? |
Quote: |
should we bind it to the CA and generate new key material on the HSM? |
Quote: |
you mentioned that I should leave the old CA working If I am running validation services on it. then I may have to leave it running until all the certificates issued from it expire, would'nt the migration process take care of this step? |
Quote: |
In case the online issuing CA blows up, would having the HSM, help rebuild a new issuing CA? |
Quote: |
2.Ask the third party to install the new keys on the HSM |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours