search by tags

for the user

adventures into the land of the command line

san certificates with openssl

this was always a mystery to me…

$ openssl req -new -sha256 -nodes -out some.csr -newkey rsa:2048 -keyout some.key -config some.openssl.cnf

the config file would look something like this…

// some.openssl.cnf

default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
O=Some Organisation
OU=Dev Ops

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 =
DNS.2 =
DNS.3 =