开发者

Renew certificate with Java Keytool - reuse old CSR?

I have an SSL certificate in a Java keystore. It's going to expire in a week or so and I need to renew it.

Can I reuse the previous CSR (which the CA 开发者_JS百科still have) and then import the certificate using the import command or do I need to generate a new CSR?


You can (if your CA doesn't check for public key reuse), but it's a bad security practice. The primary purpose of the validity period is to limit the time in which a certificate and associated private key is exposed to the possibility of being compromised.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜