1

For a customer we need to order a SSL certificate, normally this would be done by their help-desk and we provide the CSR. But as the old certificate will expire soon, and their help-desk need about 7 days to order the new one, I would like to order one for them myself so the site wont go down.

Now, is it possible to have the same CSR signed twice? Once by my CA of choice and once by their CA of choice? Or do I need to regenerate a CSR for the help-desk?

M'vy
  • 13,033
  • 3
  • 47
  • 69
BadSkillz
  • 4,404
  • 24
  • 29

1 Answers1

1

Certificate Signing Requests are independent of the issuer at this point.

It only binds the requester information (including public key) together with a signature which prove the CSR has been made for a public/private key you do possess.

Any CA can then proceed to issue a certificate with this information.

M'vy
  • 13,033
  • 3
  • 47
  • 69
  • So having a CSR signed by comodo, and then have the same CSR signed by Symantec would provide two working certificates. There is no check on whether a CSR has already been signed by another party? – BadSkillz Mar 02 '16 at 10:59
  • There is no central repository for CSR to allow such a verification. Technically, you can even sign the same CSR twice with the same issuer. – M'vy Mar 02 '16 at 11:00