Problems revoking a cert

Michael Leone turgon at mike-leone.com
Mon Feb 24 16:37:17 UTC 2020


SO I was an idiot, and signed a certificate, but specified an invalid
location. i.e., I used a "/" instead of a "/" in the location.

$ sudo openssl ca -in requests/<client>.req -out
certs\<client>-2020-02-24.<FQDN>

And so I can't find that cert file anywhere (obviously). So I'd like to
revoke it, so that I can re-sign it properly. But whenever I go to revoke
it, I have nothing to use an input to the revoke functionality.

I know the serial number of the wrongly issued cert, I had hoped I could
revoke using just the serial number. But searches tell me I can't do it
that way.

So what can I do now? (short of asking for another request file, I mean - I
can't resign the existing one, openssl tells me that a cert already exists.
And I don't think I can just insert the bad cert serial number in the CRL,
right? To "effectively" revoke it, so I can resign, properly?).

Thanks
-- 

Mike. Leone, <mailto:turgon at mike-leone.com>

PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
Photo Gallery: <http://www.flickr.com/photos/mikeleonephotos>

This space reserved for future witticisms ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200224/31db2b4c/attachment.html>


More information about the openssl-users mailing list