Collections:
Other Resources:
OpenSSL "x509 -x509toreq" - Conver Certificate to CSR
How to convert a certificate to a CSR using OpenSSL "x509" command? I want to generate a CSR with the same information as my existing certificate.
✍: FYIcenter.com
You can convert a certificate to a CSR using the OpenSSL "x509 -x509toreq" command as shown below:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> x509 -x509toreq -in twitter.crt -signkey test.key -out twitter.csr Getting request Private Key Generating certificate request OpenSSL> req -in twitter.csr -text -noout Certificate Request: Data: Version: 0 (0x0) Subject: businessCategory=Private Organization/jurisdictionC=US/jurisdic tionST=Delaware/serialNumber=4337446/street=Suite 900/street=1355 Market St/post alCode=94103, C=US, ST=California, L=San Francisco, O=Twitter, Inc., OU=Twitter Security, CN=twitter.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c2:08:98:fa:67:00:05:55:b6:0b:61:0e:1a:d7: b5:8a:c1:cc:03:be:3c:17:fb:94:f7:d9:fa:4c:9f: 46:60:9c:6a:ad:7d:3a:e5:34:5a:12:b0:b2:0b:aa: ec:96:e1:58:81:2f:ad:60:ab:47:93:69:e3:84:75: 53:c1:f9:0f:b9:46:ab:9e:ea:ab:18:98:8c:68:54: 08:51:65:43:1a:61:97:27:5c:5e:0f:15:e9:cd:16: ab:dd:51:5b:76:2f:fc:d3:11:99:9d:d2:a6:3d:87: 02:75:e6:24:96:e2:04:3e:14:9c:fa:7e:b8:71:42: 37:00:b5:b0:8a:e2:33:95:8b:da:3f:fb:63:4d:37: 62:d5:1c:02:ea:30:7e:dc:0d:53:d5:d4:0b:b8:a3: 10:13:6d:1f:89:94:0b:6a:94:44:67:29:82:ad:e6: d5:b0:52:fc:95:57:06:d6:d1:22:66:84:d3:92:2a: 02:c7:94:56:df:55:3f:c2:13:f2:7c:16:78:33:a1: 53:f7:77:97:5c:b7:96:05:d5:44:f4:bf:ef:83:22: 5d:7a:e6:8f:e4:ac:df:34:9e:b6:0f:0a:53:f0:1a: db:71:37:69:92:f6:14:a9:1c:75:65:72:45:24:09: 3b:2c:6a:d7:b9:69:a5:dc:df:6d:9c:6b:fc:c6:a2: 5b:31 Exponent: 65537 (0x10001) Attributes: a0:00 Signature Algorithm: sha256WithRSAEncryption 6c:17:ca:f2:ac:76:97:be:07:d1:75:b2:24:06:6e:32:dc:c5: 23:be:06:d9:09:7e:c3:06:2e:62:40:aa:6a:55:db:17:95:c7: 5a:d4:f3:ab:7a:fe:26:30:4b:69:47:bd:43:9f:3c:8b:15:46: 3f:4b:b9:c8:8b:1b:29:5e:08:77:e2:7e:6c:f4:31:e3:9e:6a: 5a:5f:7d:6d:4a:70:de:a5:b4:ed:56:59:95:6b:3b:d9:08:cd: 4e:ac:c3:f7:cb:8a:ac:ab:52:a6:10:14:c6:2b:fa:05:40:26: d6:8c:ec:d4:07:14:b7:8d:dd:9e:6f:86:fd:3d:32:dc:81:4f: c9:27
Options used in the "x509" commands are:
One big advantage of using "x509 -x509toreq" command to convert a certificate to a new CSR to avoid re-entering all DN (Distinguished Name) field values. The new CSR will copy all DN fields from the certificate to the CSR. In other words, the CSR will have an identical subject as the certificate.
⇒ OpenSSL "req -verify" - Error "wrong signature length"
⇐ OpenSSL "x509 -fingerprint" - Print Certificate Fingerprint
2018-02-14, 8994🔥, 0💬
Popular Posts:
How to examine a certificate file with Portecle? To examine a certificate file: From the Examine men...
How to extract the public key from a CSR using OpenSSL "req -pubkey" command? If you want to extract...
Certificate summary - Owner: *.ning.com, Operations, "Ning, Inc", L=Brisbane, ST=California, US Issu...
How to examine a CSR (Certificate Signing Request) file with Portecle? To examine a CSR file: From t...
Certificate Summary: Subject: xhamster.com Issuer: R3 Expiration: 2021-11-01 03:50:15 UTC Key Identi...