cfssl certinfo should be pipeable into cfssl genkey -

[mrnetops]

cfssl certinfo should be pipeable into cfssl genkey - to generate a new csr and key based off of a preexisting cert, csr or domain.

i.e.

cfssl certinfo -domain www.cloudflare.com | cfssl genkey -

This would be useful for renewals.

Currently, I end up with pretty much none of the data translating into the new csr/key

• No subject
• No san
• No matching key algorithm

1. cfssl certinfo doesn't provide full key details.

i.e. no "key": { "algo": "rsa", "size": 2048 } or equivalent

2. cfssl certinfo and cfssl genkey don't represent data the same way, nor does cfssl genkey seem to alias or understand cfssl certinfo data.

i.e.
cfssl certinfo .sans vs cfssl genkey - .hosts
cfssl certinfo .subject (and sub-key names) vs cfssl genkey .names (and sub-key names)

[mrnetops]

Tangentially related, for cfssl genkey, why is names an array then an object instead of just an object? When would there be multiple objects under names?

ala

    "names": [
        {
            "C":  "US",
            "L":  "San Francisco",
            "O":  "Internet Widgets, Inc.",
            "OU": "WWW",
            "ST": "California"
        }
    ]

vs

    "names": {
            "C":  "US",
            "L":  "San Francisco",
            "O":  "Internet Widgets, Inc.",
            "OU": "WWW",
            "ST": "California"
    }