Skip to content

Instantly share code, notes, and snippets.

@novemberborn

novemberborn/howto.md

Created February 17, 2016 17:32
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save novemberborn/9e4f9698e3eb11a21396 to your computer and use it in GitHub Desktop.
Save novemberborn/9e4f9698e3eb11a21396 to your computer and use it in GitHub Desktop.
Download ZIP
CSR with subjectAltName on OSX
Raw
howto.md

Copy /System/Library/OpenSSL/openssl.cnf to a new file.

Add the following at the end:

[ req ]
req_extensions = v3_req

[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]

Then under alt_names list the DNS names, like:

DNS.1=novemberborn.net
DNS.2=www.novemberborn.net

When using openssl req, use the -config option to point at this modified config file. It'll create a CSR with the alternative names.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment