Generate a certificate request but keep your old key with openssl

Until today, I didn’t know you could do this. I always just did a cert request and generated a new key. Sometimes it is handy to keep your old key, and here is how you do it.


openssl req -new -sha2048 -key yourdomain.com.key -out yourdomain.com.csr

This works well. I used it to change the name of an existing certificate without rekeying it, which made the process simpler.

This entry was posted in Linux, SSL. Bookmark the permalink.

Comments are closed.