]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 359b573) | patch
pki: pki --req can use old certreq as template
authorAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 29 Aug 2022 08:34:58 +0000 (10:34 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 31 Aug 2022 13:10:34 +0000 (15:10 +0200)
commit3fa3d2666a547580b40822f3eb7f2dfd6a5861a3
tree3eda05a7809f2d2f40b3e742d05ba907e4d91632tree
parent359b5739f4b2257d7ae03eaa06b38f561a54aef5commit | diff
pki: pki --req can use old certreq as template

When an X.509 certificate has to be renewed it is helpful to use
the old PKCS#10 certificate request as a template, so that the
distinguishedName (DN), the subjectAlternativeName (SAN) and
a certificate profile name don't have to be typed-in again.

The old public key in the existing certreq is replaced with the
new key and the signature is re-generated using the new private key.
src/libstrongswan/credentials/certificates/pkcs10.h diff | blob | blame | history
src/libstrongswan/plugins/x509/x509_pkcs10.c diff | blob | blame | history
src/pki/commands/req.c diff | blob | blame | history
src/pki/man/pki---req.1.in diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.