Categories:
DH Keys (39)
DSA Keys (69)
EC Keys (339)
Firefox (32)
General (13)
Google Chrome (25)
Intermediate CA (152)
Java VM (20)
JDK Keytool (25)
Microsoft CertUtil (26)
Mozilla CertUtil (18)
OpenSSL (237)
Other (17)
Portecle (38)
Publishers (1969)
Revoked Certificates (30)
Root CA (87)
RSA Keys (1833)
Tools (47)
Tutorial (7)
What Is (21)
Windows (129)
Collections:
Other Resources:
OpenSSL "req -x509 -set_serial" - Certificate Serial Number
Can I sign my own CSR with a given serial number using the OpenSSL "req -x509" command?
✍: FYIcenter.com
Yes, you can sign you own CSR (Certificate Sign Request) with a given serial number
using the OpenSSL "req -x509 -set_serial" command as shown below.
Without the "-set_serial" option, the resulting certificate will have random serial number.
See the example below:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> req -x509 -in rsa_test.csr -key rsa_test.key -out rsa_test.crt -set_serial 1024 Enter pass phrase for rsa_test.key:fyicenter OpenSSL> x509 -in rsa_test.crt -serial -noout serial=0400
As you can see the given serial number is stored as a binary integer format. In the above example, 0x0400 = 1024.
⇒ OpenSSL "req -x509 -md5" - MD5 Digest for Signing
⇐ OpenSSL "req -x509 -days" - Longer Self-Signed Certificate
2016-11-11, 9468👍, 0💬
Popular Posts:
Why am I getting the "Could not initialize the application's security component" error when staring ...
Certificate Summary: Subject: http://www.valicert.com/ Issuer: http://www.valicert.com/ Expiration: ...
Where to find tutorials on using OpenSSL "genrsa" and "rsa" commands? Here is a collection of tutori...
How to search and export a certificate from a certificate store into a certificate file with Microso...
Certificate Summary: Subject: TC TrustCenter Universal CA I Issuer: TC TrustCenter Universal CA I Ex...