Is it necessary to generate a new SSL request each year?

John Almberg jalmberg at
Fri May 1 01:44:19 UTC 2009

>>>  You can reuse the old one.
>> 	I'm not an expert on these, but it was my understanding that
>> certificates carry in internal "expiration date" after which the
>> application may respond as it pleases.
> Yes, but the *request* does not.
> Also, if using openssl, just set the defaults in /etc/ssl/ 
> openssl.cnf to your
> values, so you can enter through the questions

Cool... save a minute here and a minute there... at the end of a  
year, I might have enough saved up to take lunch!

-- John

More information about the freebsd-questions mailing list