Updating (re-issuing) self-signed cert with keyid, issuer, serial AKI

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
Report Content as Inappropriate

Updating (re-issuing) self-signed cert with keyid, issuer, serial AKI

Philip Prindeville

I have the following certificate (below) and I’m trying to generate a new self-signed cert from it, but when I do so the issuer+serial get dropped from it.

Looking at the CSR that gets generated as an intermediate step, I’m not seeing that information there.

What do I need to do to "copy through" the AKI into the request with -x509toreq?

Also attaching the script I’m using.

And yes, it’s a 1024-bit key… It’s probably worth scrapping the old key and generating a new one, but before I do that I want to solve the AKI issue...



openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

example.crt (1K) Download Attachment
renew-dummy-cert (957 bytes) Download Attachment