search by tags

for the user

adventures into the land of the command line

san certificates with openssl

this was always a mystery to me…

$ openssl req -new -sha256 -nodes -out some.csr -newkey rsa:2048 -keyout some.key -config some.openssl.cnf

the config file would look something like this…

// some.openssl.cnf

[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C=AU
O=Some Organisation
OU=Dev Ops
CN=some.domain.io
ST=Victoria
L=Melbourne

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = some.domain1.io
DNS.2 = some.domain2.io
DNS.3 = someother.domain.io