Index ¦ Archives ¦ Atom

Adding subject alternative name to certificate request

This is another note to self, I must have done this 20 or 30 times over the years but I can never remember exactly how.

The easiest way I've found to add subject alternate names to certificate requests is to add two lines at the end of /etc/ssl/openssl.cnf


Then when creating a CSR simply include -reqexts SAN

openssl req -out CSR.csr -new -newkey rsa:4096 -nodes -keyout privateKey.key -reqexts SAN


openssl req -out CSR.csr -key -new -sha256 -reqexts SAN

It's that simple.

Creative Commons License
Content on this site is licensed under a Creative Commons Attribution 4.0 International License.
Built using Pelican. Based on a theme by Giulio Fidente on github.