On Thursday 11 September 2008 15:44, Rich Megginson wrote: > > So I'm wondering if I need to somehow reinit some of the encryption keys? > > Or maybe I missed a step for replacing a Server-Cert? But from the docs > > it looks like a straight forward turn off fds, remove old cert, > > create/import new cert (with same name), restart fds. > > Unfortunately, those keys were encrypted with the old key/cert. But as > long as you don't want to use reversible attribute encryption, you can > ignore those messages. For the sake of argument and potential future issues ( I don't know enough about how the whole encryption system works unfortunately ), lets say I did want to use reversible attribute encryption :) Ryan
