novemberborn/howto.md

Created February 17, 2016 17:32

Star (3) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/novemberborn/9e4f9698e3eb11a21396.js"></script>
Save novemberborn/9e4f9698e3eb11a21396 to your computer and use it in GitHub Desktop.

Download ZIP

CSR with subjectAltName on OSX

Raw

howto.md

Copy /System/Library/OpenSSL/openssl.cnf to a new file.

Add the following at the end:

[ req ]
req_extensions = v3_req

[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]

Then under alt_names list the DNS names, like:

DNS.1=novemberborn.net
DNS.2=www.novemberborn.net

When using openssl req, use the -config option to point at this modified config file. It'll create a CSR with the alternative names.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment