Am I reading the 0.9.8 documentation correctly, that there is no way to get 'openssl req' to read in a CSR, generate a new keypair, and write out a new CSR and private key? Because that would be mighty handy for ordering renewals while not allowing the private key to go stale. Like:
openssl req \
-in 2007.csr \
-newkey rsa:2048 \
-out 2008.csr \
-keyout 2008.key
Yeah, I could generate a completely new CSR with the constant data
filled in using a custom config, IF I had built the original CSR that
way, but I didn't. :-( Maybe I will go ahead and make one for next
year.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
pgpwLwFBU4rOO.pgp
Description: PGP signature
