Mohan,
Unless the certificate is self-signed there is no way to change the
information without having to invalidate it by signing it yourself anyway.
You would either have to get a new certificate from the same (or other
trusted) CA, and install that one, or (if it is self signed) generate a new
certificate and sign it yourself with the same private key as before, and
then start using the new one. So I am not familiar with the Java interface
with SSL, but in c at least you would create this new cert using the X509
library. Hope this helps shed some light.
-Sam
On Thu, Aug 19, 2010 at 6:24 AM, Mohan Radhakrishnan <
radhakrishnan.mo...@gmail.com> wrote:
> Hi John,
> Yes. We do use SSL certificates. You can consider me a
> newbie. I am just trying to understand the ways to roll an
> intermediate or any other certificate that is going to expire soon
> without causing an outage. Is that possible at all ?
>
> (e.g)
> If a certificate is compromised I am trying to roll to a new
> certificate without bringing down my java application.
>
> Thanks,
> Mohan
>
> On Thu, Aug 19, 2010 at 2:11 PM, John Doe <jd...@yahoo.com> wrote:
> > From: Mohan Radhakrishnan <radhakrishnan.mo...@gmail.com>
> >
> >> Is there any material that shows how to roll to new
> >> certificates using OpenSSL ? I am looking for a test case to
> >> understand how this works. Anyone know about this ?
> >
> > Did you try to google something like "generate certificate openssl" or
> "openssl
> > certificates howto"...?
> >
> > JD
> >
> >
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List openssl-users@openssl.org
> > Automated List Manager majord...@openssl.org
> >
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
--
Sam Jantz
Software Engineer
