I have a certificate in Azure Key Vault. Currently it dont have the SAN.Is it possible to modify the certificate and include the SAN without creating a new version.
Unfortunately it is not possible to modify an existing certificate without invalidating the signature.
With an invalid signature the certificate will be considered invalid and rejected by the browser.
If editing a certificate would be possible and the edited certificate accepted by the browser: in this case an attacker could easily modify an existing certificate for its own domain to include any other domain for which he wants to do a man in the middle attack.
So, if you want to "modify" a certificate, then you actually need to obtain a new certificate, with new contents. It is not possible to upgrade any other SSL certificate type to SAN.
In order to add SANs to a certificate, you must generate a new Certificate Signing Request (CSR) specifying the correct common name, then reissue SSL certificate from one of the SSL providers.
If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.
13 people are following this question.