> I just saw the "RE: Changing the expiry date of a cert" thread > but I think > my question is a little different. > > My certs are not CA certs they are user certs where the only thing I > really need to preserve are subject, issuer, key & cert extensions. The > serial # doesn't matter. > > The thing I would like to use is "openssl x509" and specify the old cert > and get a new cert from it with all the extensions preserved.
This capability is not built into the 'openssl' command line tool, but it's pretty close to trivial to write a program to read in a certificate, change the from/to validity dates, sign the certificate, and write out the result. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
