Yes. Thats what I was trying to ask. So, how can I change the expiry date of an existing certificate without changing any other field ? Is there any openssl command that I may use ?
On 10/17/07, G.W. Haywood <[EMAIL PROTECTED]> wrote: > > Hi there, > > On Wed, 17 Oct 2007, David Schwartz wrote: > > > The OP wrote: > > > > > I have a private CA certificate created using openssl command line. > > > The issue is that the certificate expires on 19th Oct, 2007. > > > The question is that "Is it possible to extend the expiry of this > > > certificate without changing any other fields in the certificate?" > > > Basically, I want to continue using this CA Cert to sign end-user > > > certs for a longer time. > > > Any help will be appreciated. Thanks. > > > > This question comes up a lot and I still have no idea what anyone is > asking. > > It seems fairly clear to me. > > > It seems like it's largely a philosophical question, like am I the same > > person I was ten years ago even though only 1% of the molecules are the > > same. > > I don't think the OP asked anything like that. > > > Some might consider the resulting certificate to be the original > certificate > > with a later expiry date. Some might consider it to be a brand new > > certificate that just happens to share some common values with the > previous > > certificate. > > I don't think the OP asked whether it would still be the old certificate > or > if it would be a new certificate. He just asked if he can change the > date, > and only the date, on his existing certificate. > > > What possible difference does it make whether you consider the resulting > > certificate a "new certificate" or "the original certificate with a > later > > expiration date"? > > I don't think, in this thread, that anyone else considered that > difference. > > > Or are you asking something else entirely? And if so, what? > > It seems to me that the OP is indeed asking something else entirely > different from the question which you yourself seem to have posed and > then immediately failed to answer. He's asking > > "Is it possible to extend the expiry of this certificate without > changing any other fields in the certificate?" > > to which it seems that the answer is > > "Yes", > > although one might add that the resulting certificate could be viewed > by some as a different certificate. In that case, the next question > would be "Is it valid?", to which the answer would also presumably be > > "Yes". > > Have I understood? > > -- > > 73, > Ged. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] >
