a43bb90 Rework which keys we prefer for SCEP

Authored and Committed by nalin 4 years ago
    Rework which keys we prefer for SCEP
    
    Rework which data we generate, so that it's easier for helpers to decide
    what to send to the server:
    * CERTMONGER_PKCSREQ:
      Signed with an old/only key and a previously-issued certificate,
      or using the minicert if there's no new key.
    * CERTMONGER_PKCSREQ_REKEY:
      Signed with an new key and the minicert.
    * CERTMONGER_GETCERTINITIAL:
      Signed with an old/only key and a previously-issued certificate,
      or using the minicert if there's no new key.
    * CERTMONGER_GETCERTINITIAL_REKEY:
      Signed with an new key and the minicert.
    
        
file modified
+13 -9
file modified
+29 -23
file modified
+50 -6