When you renew an SSL certificate, you have to create a new Certificate Signing Request (CSR) with the same information as the original certificate. To get this information there are several options:
1. If the certificate authority (CA) is Verisign then you can search for the certificate on there support website and view the contents. You’ll need to know the exact domain name that was used to generate the certificate.
2. If you have the original CSR then you can use the following command to view the contents:
1 |
openssl req -noout -text -in domainname.csr |
3. If you have the original certificate the you can use this command to view it’s contents:
1 |
openssl x509 -noout -text -in server.crt |
Other usefull commands include:
a. Show contents of private key:
1 |
openssl rsa -noout -text -in domainname.key |
b. Generate a key and csr:
1 2 |
openssl genrsa -des3 -out domainname.key 1024 openssl req -new -key domainname.key -out domainname.csr |