Generate a CSR with SANs

From IVS Wiki
Jump to: navigation, search
  1. Connect to the Valt appliance via SSH
  2. Type in the following, and press Enter
    • nano csr_details.conf
  3. Copy and paste the following into nano:

    4. Make sure to update the CSR with your information. 

    [req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
C=US
ST=New York
L=Rochester
O=End Point
OU=Testing Domain
emailAddress=your-administrative-address@your-awesome-existing-domain.com
CN = www.your-new-domain.com
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = your-new-domain.com
DNS.2 = www.your-new-domain.com
  4. Update the information to match your installation. This is the same information you would normally put in a CSR.
  5. Press CTRL + X
  6. Enter Y.
  7. Press Enter.
  8. Type in the following, and press Enter
    • openssl req -new -sha256 -nodes -out valt.csr -newkey rsa:2048 -keyout valt.key -config csr_details.conf

    Make sure to update the CSR and key path for your installation.

Other Commands
Check a Certificate Signing Request (CSR)
openssl req -text -noout -verify -in valt.csr
Check a certificate
openssl x509 -in valt.cer -text -noout
Check a private key
openssl rsa -in valt.key -check
Retrieved from "https://ipivs.info/wiki/index.php?title=Generate_a_CSR_with_SANs&oldid=11998"