> I just saw the "RE: Changing the expiry date of a cert" thread
> but I think
> my question is a little different.
>
> My certs are not CA certs they are user certs where the only thing I
> really need to preserve are subject, issuer, key & cert extensions. The
> serial # doesn't matter.
>
> The thing I would like to use is "openssl x509" and specify the old cert
> and get a new cert from it with all the extensions preserved.


This capability is not built into the 'openssl' command line tool, but it's
pretty close to trivial to write a program to read in a certificate, change
the from/to validity dates, sign the certificate, and write out the result.

DS


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org