Date: Thu, 30 Apr 2009 07:42:32 +0200 From: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net> To: freebsd-questions@freebsd.org Cc: John Almberg <jalmberg@identry.com>, Robert Huff <roberthuff@rcn.com>, Dan Nelson <dnelson@allantgroup.com> Subject: Re: Is it necessary to generate a new SSL request each year? Message-ID: <200904300742.32991.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> In-Reply-To: <18936.56654.494648.286696@jerusalem.litteratus.org> References: <624F45CA-1083-4DC2-8A98-DFE44B5B6CE8@identry.com> <20090429225158.GC91578@dan.emsphone.com> <18936.56654.494648.286696@jerusalem.litteratus.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 30 April 2009 01:05:50 Robert Huff wrote: > Dan Nelson writes: > > > When buying a new SSL cert, I've been generating a new > > > request each year... I am just about to buy another and it > > > occurred to me that I'm entering the same info. Do I really > > > need a new request file each year? Or can I just reuse the > > > same one (presuming none of the info has changed.) > > > > You can reuse the old one. > > I'm not an expert on these, but it was my understanding that > certificates carry in internal "expiration date" after which the > application may respond as it pleases. Yes, but the *request* does not. Also, if using openssl, just set the defaults in /etc/ssl/openssl.cnf to your values, so you can enter through the questions. -- Mel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904300742.32991.mel.flynn%2Bfbsd.questions>