Cant get the subjectALtName inot the root cert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I guess I am making progress. I am not getting SAN into the root cert. my cnf has in it: 

[ req ]
# Options for the `req` tool (`man req`).
default_bits        = 2048
prompt              = no
distinguished_name  = req_distinguished_name
string_mask         = utf8only
req_extensions      = req_ext

[ req_ext ]
#subjectAltName = email:$ENV::adminemail
#subjectAltName = email:admin@xxxxxxxxxxxxxxx
subjectAltName = IP:192.168.24.1
I tried all three above alternatives for SAN. No SAN in the root cert created with: 

openssl req -config openssl-root.cnf -key private/ca.key.pem \
-new -x509 -days 7300 -sha256 -extensions v3_ca -out certs/ca.cert.pem 

Thanks for any insight.
This type of cnf worked for creating a CSR and with the copy option the SAN made it into the cert. 

thanks

Bob

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux