- create a configuration file based on your needs. you can use the following sample:
# certificate.conf [req] default_bits = 2048 prompt = no default_md = sha512 req_extensions = req_ext distinguished_name = dn [ dn ] C=[country ISO] ST=[State] L=[City] O=[Organisation] OU=[OrganisationUnit] emailAddress=[email-address] CN = [Main Domain Name] [ req_ext ] subjectAltName = @alt_names [ alt_names ] DNS.1 = [Alternative Name 1] # or if you have IP address: # IP.1 = [127.0.0.1] # IP.2 = [another address]
- now you can use the following openssl command to create a CSR based on this configuration
openssl req -new -key server.key -out server.csr -config certificate.conf
Comments are closed, but trackbacks and pingbacks are open.