I renewed our Issuing CAs certificates with new keys.
That work kinda fine and I think it should be alright. I still need to fix OCSP but that should be alright.
However, I am kinda confused by the way pkiview shows the current health of the CA.
I still have plenty of certificates signed with the old keypair and will continue to have for some time. Consequently, I'd like to check on CRL publishing status for the old keypair.
However, pkiview only shows the CRL/AIA/CRL+ for the new keypair.
Is there a way to make pkiview show also the CRL status etc for the old keypair (would be handy, as some of the certificates will be valid for another 18month)