Hi, I just saw the "RE: Changing the expiry date of a cert" thread but I think my question is a little different.
My certs are not CA certs they are user certs where the only thing I really need to preserve are subject, issuer, key & cert extensions. The serial # doesn't matter. The thing I would like to use is "openssl x509" and specify the old cert and get a new cert from it with all the extensions preserved. Thanks, Simon McMahon Simon McMahon/Australia/Contr/[EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 24/10/2007 03:27 PM Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc Subject refresh validity dates on a certificate Hi, I have some old certificates where the private key is fine but the cert has expired. My environment is only a test env by the way so there are no security issues here. I just want an easy way to refresh the certs whenever they expire. Is there some way with openssl that I can just refresh the validity period & signature and keep everything else (especially the extensions) just as they were? The issuer name is still the same. I know I can re-generate a new certificate but I'm not sure about all the extensions since they came from my config file and it has changed since some of the certs were made. Regeneration of the cert may mess up the extensions unless I double check each one. I have several cert types, e.g. OCSP, SSL client & server etc that all need the validity date updated. Converting the cert to a cert request wont preserve the extensions will it? Regards, Simon McMahon ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]