[Djigzo users] How to use external PKI

Martijn Brinkers martijn at djigzo.com
Wed Apr 20 20:27:19 CEST 2011

On 04/20/2011 07:57 PM, Manuel Faux wrote:
> Hello,
> I have an existing PKI outside of Djigzo. So I've created a Sub-CA and imported this CA incl. SKs into Djigzo. As far I understood the documentation, Djigzo does not support CRL-Generation, but the Documentation recommends using a full-blown CA like EJBCA instead.
> Has anyone ever used Djigzo in such a scenario? What is the recommended way to issue and to revoke certificates? I came up with the idea about writing an additional RequestHandler, which uses the EJBCA-API to issue the certificates, but is this necessary?

Djigzo can generate CRLs, click CA en then click on "Create CRL".

Only if you need a more advanced CA, like multiple CAs, use different
key usage, use your own extensions etc. it's better to use an external CA.

Kind regards,


Djigzo open source email encryption
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3398 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.ciphermail.com/pipermail/users/attachments/20110420/f33f1a99/attachment-0001.p7s>

More information about the Users mailing list