How to change only the subject(CN) in existing csr

Swapnil More picture Swapnil More · Jan 4, 2016 · Viewed 13.1k times · Source

I have a csr(Certificate Signing Request).

I have to just change the CN from that csr, leaving other fields intact. It is like updating the existing csr.

This should be done automatically. Is there any method to do this in c/c++/openssl?

Answer

Crypt32 picture Crypt32 · Jan 4, 2016

You cannot change anything in the request file, because it is a digitally signed message. If you change at least one bit there, you invalidate the signature. CA server will reject it.

What you can do:

  1. generate a new CSR
  2. instruct CA to ignore subject field and specify another one during certificate issuance (this procedure depends on CA software).