Rich Freeman on 22 Dec 2014 07:51:45 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Issuing a cert from OpenSSL without a CSR from the client

On Mon, Dec 22, 2014 at 10:36 AM, Michael Leone <> wrote:
> Any request I generate myself on my CA, in the name of the Connections
> server, will be pretty much the same as an actual CSR generated on that
> Connections server, right? Just as valid a CSR, I mean.

It should be completely possible in theory, though I'd have to dig
through a bazillion openssl manpages to tell you how.  You'll
definitely need access to the public key for the server - I don't know
if generating a csr requires access to the private key offhand (I'd
hope that it does, otherwise anybody could generate one, though they
couldn't actually make use of it without the private key other than
maybe to confuse clients).

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --