[Box Backup] How to regenerate certificate and what's the status of Boxi

[Per Thomsen]

On 5/17/06 2:15 PM, Roy wrote:
> Ben Summers wrote:
>>
>> On 17 May 2006, at 18:15, Roy wrote:
>>>>> If you lose your certificates, but still have your
>>>>> <account_id>-FileEncKeys.raw file. How can you regenerate your
>>>>> certificates for the client? If you can do that, I suppose you can
>>>>> only do that on linux at the moment?
>>>>
>>>> Yes, you can regenerate anything except the file encryption keys.
>>>> However, it does require help from the server operator. The client
>>>> either resubmits their original certificate request, if they still
>>>> have that and the private key. Otherwise, they generate a new key
>>>> (optional) and a new certificate request.
>>>>
>>>> The server operator signs the certificate request and returns the
>>>> resulting certificate to the client.
>>> Mmm I'm the server operator, but I don't know how the regenerate
>>> them. I used the script that come with Box Backup, and for all I
>>> know, you can't use the raw key file as source.
>>
>> To regenerate client keys, run bbackupd-config again, and replace
>> it's raw key file with the one from your secure backup. Sign the new
>> certificates. Then you're up and running again.
>>
>> Similarly for a server.
>>
>>
>>> With a new key, you lose your store or not?
>>
>> Yes. Which is why bbackupd-config urges you to keep a copy of the
>> .raw file in a safe place.
>>
> Thanks for this explanation. Maybe this should be put somewhere on the
> Wiki or somewhere else in the documentation. Or is it already there
> and I didn't see it?
I don't think it's there. I will add it to the list of things for the
documentation project.

Thanks,
Per

-- 
Per Reedtz Thomsen | Reedtz Consulting, LLC | F: 209 883 4119
V: 209 883 4102    |   pthomsen at reedtz.com  | C: 209 996 9561
GPG ID: 1209784F   |  Yahoo! Chat: pthomsen | AIM: pthomsen