Hey there: Check out the archives, and see my reply to Martine Schneider and David Schwartz from yesterday to the query:
Sign CSR after modifying data in CSR possible? Have fun. On January 6, 2010 11:38:07 am Johannes Bauer wrote: > Hello list, > > I get CSR from people which have not necessarily set the subject values > set to the correct values. Instead of forcing them to enter exact values > (how I do it at the moment and which works TERRIBLY), I'd just like to > change them myself and use the PK they provide within the CSR. I can do > this just fine by using > > openssl req -in in.csr -out out.csr -subj '/O=foo' > > However, when I then try to sign "out.csr", the signature is not correct > (of course it isn't!), so I get "Signature did not match the certificate > request", openssl refuses to sign. > > Is there another way to take just the PK from the CSR and choose a > custom subject for the certificate generation? Or is there some > different way I'm not seeing at all? > > Regards, > Johannes > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org -- Patrick Patterson President and Chief PKI Architect, Carillon Information Security Inc. http://www.carillon.ca ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
