Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (69)
EC Keys (577)
Firefox (31)
General (12)
Google Chrome (25)
Intermediate CA (152)
Java VM (33)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (22)
OpenSSL (237)
Other (7)
Portecle (38)
Publishers (2706)
Revoked Certificates (30)
Root CA (89)
RSA Keys (2231)
Tools (46)
Tutorial (3)
What Is (22)
Windows (129)
Collections:
Other Resources:
OpenSSL "req -x509 -set_serial" - Certificate Serial Number
Can I sign my own CSR with a given serial number using the OpenSSL "req -x509" command?
✍: FYIcenter.com
Yes, you can sign you own CSR (Certificate Sign Request) with a given serial number
using the OpenSSL "req -x509 -set_serial" command as shown below.
Without the "-set_serial" option, the resulting certificate will have random serial number.
See the example below:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -x509 -in rsa_test.csr -key rsa_test.key -out rsa_test.crt -set_serial 1024 Enter pass phrase for rsa_test.key:fyicenter OpenSSL> x509 -in rsa_test.crt -serial -noout serial=0400
As you can see the given serial number is stored as a binary integer format. In the above example, 0x0400 = 1024.
⇒ OpenSSL "req -x509 -md5" - MD5 Digest for Signing
⇐ OpenSSL "req -x509 -days" - Longer Self-Signed Certificate
2016-11-11, 12684👍, 0💬
Popular Posts:
How to verify an HTTPS server certificate? To help you to verify an HTTPS server certificate and vie...
Certificate summary - Owner: DigiCert SHA2 Secure Server CA, DigiCert Inc, US Issuer: DigiCert Globa...
Certificate summary - Owner: *.acesse.com, Domain Control Validated Issuer: SERIALNUMBER=07969287, G...
How to get a list of all command options supported by "certmgr.exe"? You can see a list of all comma...
How to get a list of all certificates with more details in "Personal" certificate store using "certm...