How to change only the subject(CN) in existing csr

openssl ssl-certificate mdm client-certificates
Swapnil More picture Swapnil More · Jan 4, 2016 · Viewed 13.1k times · Source

I have a csr(Certificate Signing Request).

I have to just change the CN from that csr, leaving other fields intact. It is like updating the existing csr.

This should be done automatically. Is there any method to do this in c/c++/openssl?

Answer

Crypt32 picture Crypt32 · Jan 4, 2016

You cannot change anything in the request file, because it is a digitally signed message. If you change at least one bit there, you invalidate the signature. CA server will reject it.

What you can do:

  1. generate a new CSR
  2. instruct CA to ignore subject field and specify another one during certificate issuance (this procedure depends on CA software).

Related questions

How to create a self-signed certificate with OpenSSL

I'm adding HTTPS support to an embedded Linux device. I have tried to generate a self-signed certificate with these steps: openssl req -new > cert.csr openssl rsa -in privkey.pem -out key.pem openssl x509 -in cert.csr -out …

Read More
Using openssl to get the certificate from a server

I am trying to get the certificate of a remote server, which I can then use to add to my keystore and use within my java application. A senior dev (who is on holidays :( ) informed me I can run this: …

Read More
curl: (60) SSL certificate problem: unable to get local issuer certificate

root@sclrdev:/home/sclr/certs/FreshCerts# curl --ftp-ssl --verbose ftp://{abc}/ -u trup:trup --cacert /etc/ssl/certs/ca-certificates.crt * About to connect() to {abc} port 21 (#0) * Trying {abc}... * Connected to {abc} ({abc}) port 21 (#0) < 220-Cerberus FTP Server - Home Edition &…

Read More