On January 6, 2010 12:19:53 pm Johannes Bauer wrote: > Patrick Patterson schrieb: > > Check out the archives, and see my reply to Martine Schneider and David > > Schwartz from yesterday to the query: > > > > Sign CSR after modifying data in CSR possible? > > Ahhhh, thanks! With "openssl ca" it's possible, but I've been using > "openssl x509 -req" so far. > You're welcome - Req is pretty much only useful for generating a PKCS#10 request. if you don't like what you've put in it, just generate a new one (you have the private key after all) - if you are the CA, and don't like what someone put in it, use the ca command, and change it when building the X.509 cert.
Have fun, -- Patrick Patterson President and Chief PKI Architect, Carillon Information Security Inc. http://www.carillon.ca ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
