1

I have been trying to create certificates with the subjectAltName of the type /subjectAltName=DNS.1=www.domain.net,DNS.2=*.www.domain.net but when I view the key only the CN I set is displayed, ie www.domain.net.

Is the syntax I am using for the subjectAltName wrong, or is adding the subjectAltNames from ta configuration file the only way to accomplish that?

vfclists
  • 19,193
  • 21
  • 73
  • 92
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306) – jww Apr 02 '17 at 19:46
  • 1
    The *Subject Name (SN)* and *Subject Alternate Name (SAN)* are different. As far as I know, the only way to set the SANs are through the config file. Also see see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639) – jww Apr 02 '17 at 19:52

1 Answers1

-1

You can put the alt names into the config lie you stated. Why do you need it otherwise anyways?

If you are too tired of always changing the config's contents, just write a shell or bash script to ask you for the input and to edit the file and roll the certificates afterwards I guess

christopher westburry
  • 507
  • 1
  • 6
  • 14