Created
April 5, 2018 15:33
-
-
Save ppmathis/96b0f0a2ca4eee77513163890844f797 to your computer and use it in GitHub Desktop.
Creates SAN certificate requests with OpenSSL without any file/configuration changes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ######################################## | |
| # Usage: | |
| # | |
| # SAN Certificate: | |
| # > export OPENSSL_SAN=DNS:a.example.com,DNS:b.example.com,DNS:c.example.com | |
| # > openssl req -reqexts v3_req_san -new -newkey rsa:2048 -out tmp.csr -keyout tmp.key (-subj "<subject>") | |
| # | |
| # Non-SAN Certificate: | |
| # > openssl req -new -newkey rsa:2048 -out tmp.csr -keyout tmp.key (-subj "<subject>") | |
| ######################################## | |
| # ... all other OpenSSL configuration goes here ... | |
| [ v3_req ] | |
| basicConstraints = CA:FALSE | |
| keyUsage = nonRepudiation, digitalSignature, keyEncipherment | |
| [ v3_req_san ] | |
| basicConstraints = CA:FALSE | |
| keyUsage = nonRepudiation, digitalSignature, keyEncipherment | |
| subjectAltName = ${ENV::OPENSSL_SAN} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment