How to turn a X509 Certificate in to a Certificate Signing Request

Steps for taking an existing X509 Certificate and turning it in to a

Note: It should be noted that this is not a UW-Madison Help Desk or DoIT Middleware supported procedure, and, naturally, we can't take responsibility for any damage you do while following or attempting to follow these procedures. Be sure you understand what you are doing.

With an existing X509 Certificate and it's corresponding private key, OpenSSL makes it simple to recreate the CSR that was used to generate the Certificate:

$ openssl x509 -x509toreq -in my.crt -out my.csr -signkey my.key

my.crt is your existing certificate and my.key is your existing key. The CSR (in PKCS#10 format) will be placed in my.csr

See Also:

Keywords:x509 csr certificate pkcs#10 ssl cert   Doc ID:4178
Owner:MST Support .Group:Identity and Access Management
Created:2005-11-15 19:00 CDTUpdated:2022-05-25 15:15 CDT
Sites:Identity and Access Management
Feedback:  2   0