--tThc/1wpZn/ma/RB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Am I reading the 0.9.8 documentation correctly, that there is no way
to get 'openssl req' to read in a CSR, generate a new keypair, and
write out a new CSR and private key? Because that would be mighty
handy for ordering renewals while not allowing the private key to go
stale. Like:

openssl req \
-in 2007.csr \
-newkey rsa:2048 \
-out 2008.csr \
-keyout 2008.key

Yeah, I could generate a completely new CSR with the constant data
filled in using a custom config, IF I had built the original CSR that
way, but I didn't. :-( Maybe I will go ahead and make one for next
year.

--=20
Mark H. Wood, Lead System Programmer mwood@IUPUI.Edu
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.


--tThc/1wpZn/ma/RB
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)

iD8DBQFH6Ugds/NR4JuTKG8RAnVSAJ9maKv/op5HpVolJm/51xk/LUnhrACgj8fJ
LK4pOeQsfjEjVejXBawjKqY=
=0iOs
-----END PGP SIGNATURE-----

--tThc/1wpZn/ma/RB--
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org