![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 16%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,135 questions
Hello @amanjot singh
Unfortunately it is not possible to modify an existing certificate without invalidating the signature.
With an invalid signature the certificate will be considered invalid and rejected by the browser.
If editing a certificate would be possible and the edited certificate accepted by the browser: in this case an attacker could easily modify an existing certificate for its own domain to include any other domain for which he wants to do a man in the middle attack.
https://stackoverflow.com/questions/42417010/how-can-we-add-san-to-an-existing-pcks-12
So, if you want to "modify" a certificate, then you actually need to obtain a new certificate, with new contents. It is not possible to upgrade any other SSL certificate type to SAN.
In order to add SANs to a certificate, you must generate a new Certificate Signing Request (CSR) specifying the correct common name, then reissue SSL certificate from one of the SSL providers.
https://www.namecheap.com/support/knowledgebase/article.aspx/9282/2221/can-i-add-another-domain-later-after-the-ssl-certificate-has-been-issued-and-activated/
https://support.globalsign.com/ssl/general-ssl/change-certificate-details-after-issuance
If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.
