Hi All,
We are
looking at using Doghat CA server with Cisco routers. I had a
few questions on the support included in Doghat certificate
system.
I just
started working on PKI, so please excuse if the questions are
quite basic.
1. The
Doghat system is built on top of NSS (Network Security
Services). Does it have any issues working with Cisco routers
as clients using SCEP? Would there be any OpenSSL and NSS
interactions in this case?
2. Does
Doghat support CA
Certificate rollover? When CA certificate is about to
expire, CA creates a shadow certificate. All the endpoints
associated with that CA can then renew their ID certificates
(this requires support for SCEP Messages such as GetNextCACert, GetCACaps).
Thanks in
advance for your help!
-Abha