From the openssl documentation at http://www.openssl.org/docs/apps/req.html is this list of example field values: [ req_distinguished_name ] C = GB ST = Test State or Province L = Test Locality O = Organization Name OU = Organizational Unit Name CN = Common Name emailAddress = test@email.address Note that this is a copy of the req man page which you referred to says. In the case of a server certificate, the Common Name is the FQDN of the server, eg: www.example.com. The "company name" which you refer to below] should always go in the O field. There's also some really good documentation on the apache site at http://httpd.apache.org/docs/2.4/ssl/ssl_intro.html which I would recommend going through if all this is new to you. HTH, Pete On Fri, Apr 04, 2014 at 06:47:47PM +0700, Andy Canfield wrote: > Well, "a while" turned out to be one day. Stuck again. > > I found a web page that had some info on it, It shows a command (openssl > req) to create a privately signed SSL key. Unfortunately, it doesn't > explain that command, but 'man req 1' has more information such as what > '-x509' does for me (this has got to be one of the greatest parameter > keywords of all time). However, the example include this on the openssl > command line: > > -subj /O=VirtualH/OU=Virtual/CN=127.0.0.1 > > The man req 1 page says this consists of a subject line with sub-options > /O as "VirtualH", /OH as "Virtual", and "CN" as "127.0.0.1", and no > blanks. But I can find nothing, NOTHING, that explain what the > suboptions of the -subj parameter are. What is O? What is OU? What is > CN? Is 'VirtualH' a name for the virtual host? Where is that documented, > does anyone know? > > I'd like to get the company name into that certificate somewhere, but > don't yet see how. > > Thank you. -- Openstrike - improving business through open source http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107
Attachment:
pgpHwgp_nj6l4.pgp
Description: PGP signature
|