How to create a Origin certificate still keeps the CSR's Issuer information and specify the validity date of the Origin certificate?

I tried creating an Origin certificate on the web control panel using my private key and CSR. However, the Origin certificate I received, most of the Issuer information in CSR aren’t retained but have been replaced with Cloudflare’s Issuer.
image
So, I want to know if there is a way to keep the CSR’s Issuer information that I use to create a Origin certificate?
In addition, there is a way to specify the validity date (NOT the expiration date) of Origin certificate? I have seen the API document, API can’t solve both issues (retain the Issuer information and specify the validity date).

A CSR contains information for a CA to sign a certificate, but of course the CA will be the issuer and you cannot specify that yourself.

What do you mean by “validity date”? Both relevant dates are set by the CA as well, though in the case of Origin certificates, you can define how long the certificate should be valid.

You may want to check out Certificate signing request - Wikipedia

1 Like

A CSR contains information for a CA to sign a certificate, but of course the CA will be the issuer and you cannot specify that yourself.

I know this, I’ve seen this answer: Can any field in a CSR be overwritten in the issued cert?
So CA has the right to keep or remove the information Issuer in CSR, that’s why I want to ask if there is a way to keep those information when requesting a Origin certificate?

What do you mean by “validity date”? Both relevant dates are set by the CA as well, though in the case of Origin certificates, you can define how long the certificate should be valid.

That’s right, meaning on the word side. Do I want to know if a way to specify the validity date of the certificate is granted?
For example: I don’t want it to take valid as soon as it is granted, I want to specify it will start taking valid on Sunday of next week instead of right now, and the expiration date will = validity date due I appoint + requested_validity days.

Why would you want that?

As the name indicates, the CSR basically asks a CA to sign a certificate, that’s it.

Then you need to get the certificate on that day. With Origin certificates you can specify for how long they are valid, but not from when.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.