# Get Finger Print
openssl x509 -in ca.cert -noout -fingerprint -sha256
openssl x509 -in ca.cert -noout -fingerprint -sha1
Reference:
- https://www.openssl.org/docs/manmaster/apps/x509.html
- http://www.zytrax.com/tech/survival/ssl.html#ssl
- http://www.zytrax.com/tech/survival/encryption.html
- https://www.openssl.org/docs/manmaster/apps/x509v3_config.html (How to use multiple paramters eg. subjectAltName)
subjectAltName (SAN) - Seems to be a complex topic with OpenSSL. Supported only using the config file (Cannot be one line cmd)
- http://security.stackexchange.com/questions/74345/provide-subjectaltname-to-openssl-directly-on-command-line (Much better solution)
- http://wiki.cacert.org/FAQ/subjectAltName
- http://serverfault.com/questions/455525/openssl-how-to-generate-a-csr-with-interactively-solicited-subject-alternative?rq=1
- http://blog.loftninjas.org/2008/11/11/configuring-ssl-requests-with-subjectaltname-with-openssl/
- http://blog.endpoint.com/2014/10/openssl-csr-with-alternative-names-one.html
- http://apetec.com/support/GenerateSAN-CSR.htm