Collections:
Other Resources:
OpenSSL "req -x509 -set_serial" - Certificate Serial Number
Can I sign my own CSR with a given serial number using the OpenSSL "req -x509" command?
✍: FYIcenter.com
Yes, you can sign you own CSR (Certificate Sign Request) with a given serial number
using the OpenSSL "req -x509 -set_serial" command as shown below.
Without the "-set_serial" option, the resulting certificate will have random serial number.
See the example below:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -x509 -in rsa_test.csr -key rsa_test.key -out rsa_test.crt -set_serial 1024 Enter pass phrase for rsa_test.key:fyicenter OpenSSL> x509 -in rsa_test.crt -serial -noout serial=0400
As you can see the given serial number is stored as a binary integer format. In the above example, 0x0400 = 1024.
⇒ OpenSSL "req -x509 -md5" - MD5 Digest for Signing
⇐ OpenSSL "req -x509 -days" - Longer Self-Signed Certificate
2016-11-11, 20🔥, 0💬
Popular Posts:
Why I am getting the "Your connection is not private" error screen in Google Chrome 51? I am using a...
Certificate summary - Owner: www.surveymonkey.com, Terms of use at www.verisign.com/rpa (c)05, "Surv...
Public Key Summary: Key Identifier: E5:9D:59:30:82:47:58:CC: AC:FA:08:54:36:86:7B:3A: B5:04:4D:F0Name...
Certificate Summary: Subject: GlobalSign Extended Validation CA - SHA256 - G3 Issuer: GlobalSign Exp...
Certificate summary - Owner: www.apple.com, ISG for Akamai, Apple Inc., STREET=1 Infinite Loop, L=Cu...