On Wednesday 13 January 2016 16:22:10 Mauro Romano Trajber wrote: > In which section? > > On section [CA_default] I have 'copy_extensions = copy' Is that the issue? You have copy_extensions in the CA_default section, which is no doubt referenced to by the default_ca = ... stanza earlier in the config file. My understanding is that this is only read when you use the openssl ca command. As you stated you're using the openssl x509 command to sign your request, then this isn't being read. Any reason you're not signing with the openssl ca command? I've just checked and it works as you expected when using this command. Kind regards, Gareth > > Can I do this using only command line options? > > On Wed, Jan 13, 2016 at 3:42 PM, Salz, Rich <rsalz at akamai.com> wrote: > > >But when I try to sign it using my own CA using the x509 command this > > > > data is removed > > > > You need to make sure that subjectAltName is marked as copy in your config > > file. > > _______________________________________________ > > openssl-users mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
