Certificate renewal with Java Keytool - reuse of old CSR?

Question

Certificate renewal with Java Keytool - reuse of old CSR?

I have an SSL certificate in the Java keystore. Expires in a week or so, and I need to update it.

Is it possible to reuse the previous CSR (which CA still has) and then import the certificate using the import command, or do I need to create a new CSR?

+6

java certificate keytool

Brian beckett May 07 '10 at 9:56

source share

1 answer

bignum · Accepted Answer · 2010-05-07T10:26:44+0000

You can (if your CA does not verify public key reuse), but this is a bad security practice. The main purpose of the validity period is to limit the time during which the certificate and the associated private key are at risk of compromise.

Certificate renewal with Java Keytool - reuse of old CSR?

More articles: