feature idea: re-sign a CSR

[amlynnworth]

Hi, this is just a suggestion for something I am trying to do without python, and that is to replace the signature and public key values within a Certificate Signing Request "CSR."

This is the python-based solution: https://github.com/g-a-d/aws-kms-sign-csr

I think that, combined with AWS KMS (not AWS CloudHMS), there could be a relatively cost effective solution for independent software developers who need to codesign in a continuous integration situation, i.e. from command line on a remote "build" computer. Step 1 of that is to securely sign a CSR to give to a third party certificate supplier, so that the resulting EXE signature shows up as valid.

Meanwhile thank you for everything jsign already does.