Difference between revisions of "Generate a CSR with SANs"
IVSWikiBlue (talk | contribs) |
IVSWikiBlue (talk | contribs) |
||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | < | + | __TOC__ |
| − | + | {{Article | title = Generate a CSR with SANs | content = | |
| − | + | <ol> | |
| − | < | + | <li> Connect to the Valt appliance via SSH</li> |
| − | + | <li> Type in the following, and press {{Keyboard | key = Enter}}</li> | |
| + | <ul> | ||
| + | <li>{{Code Block - Mini | text = <span class="code_regex">nano</span> <span class="code_file">csr_details.conf</span>}}</li> | ||
| + | </ul> | ||
| + | <li> Copy and paste the following into nano:</li> | ||
| + | {{Aside | content = Make sure to update the CSR with your information.}} | ||
<pre>[req] | <pre>[req] | ||
default_bits = 2048 | default_bits = 2048 | ||
| Line 23: | Line 28: | ||
DNS.1 = your-new-domain.com | DNS.1 = your-new-domain.com | ||
DNS.2 = www.your-new-domain.com</pre> | DNS.2 = www.your-new-domain.com</pre> | ||
| − | + | <li> Update the information to match your installation. This is the same information you would normally put in a CSR.</li> | |
| − | + | <li> Press {{Keyboard | key = CTRL}} + {{Keyboard | key = X}}</li> | |
| − | + | <li> Enter {{Keyboard | key = Y}}.</li> | |
| − | + | <li> Press {{Keyboard | key = Enter}}.</li> | |
| − | + | <li> Type in the following, and press {{Keyboard | key = Enter}}</li> | |
| − | + | <ul> | |
| − | < | + | <li>{{Code Block - Mini | text = <span class="code_regex">openssl</span> req -new -sha256 -nodes -out <span class="code_file">valt.csr</span> -newkey rsa:2048 -keyout <span class="code_file">valt.key</span> -config <span class="code_file">csr_details.conf</span>}}</li> |
| − | </ | + | </ul> |
| + | {{Aside | content = Make sure to update the CSR and key path for your installation.}} | ||
| + | </ol> | ||
| + | {{hr}} | ||
| + | ==Other Commands== | ||
| + | <dl> | ||
| + | <dt>Check a Certificate Signing Request (CSR)</dt> | ||
| + | <dd>{{Code Block - Mini | text = <span class="code_regex">openssl</span> req -text -noout -verify -in <span class="code_file">valt.csr</span>}}</dd> | ||
| + | <dt>Check a certificate</dt> | ||
| + | <dd>{{Code Block - Mini | text = <span class="code_regex">openssl</span> x509 -in <span class="code_file">valt.cer</span> -text -noout}}</dd> | ||
| + | <dt>Check a private key</dt> | ||
| + | <dd>{{Code Block - Mini | text = <span class="code_regex">openssl</span> rsa -in <span class="code_file">valt.key</span> -check}}</dd> | ||
| + | </dl> | ||
| + | }} | ||
Latest revision as of 11:32, 4 November 2024
Generate a CSR with SANs
- Connect to the Valt appliance via SSH
- Type in the following, and press Enter
- nano csr_details.conf
- Copy and paste the following into nano:
- Update the information to match your installation. This is the same information you would normally put in a CSR.
- Press CTRL + X
- Enter Y.
- Press Enter.
- Type in the following, and press Enter
- openssl req -new -sha256 -nodes -out valt.csr -newkey rsa:2048 -keyout valt.key -config csr_details.conf
✎Make sure to update the CSR with your information.
[req] default_bits = 2048 prompt = no default_md = sha256 req_extensions = req_ext distinguished_name = dn [ dn ] C=US ST=New York L=Rochester O=End Point OU=Testing Domain emailAddress=your-administrative-address@your-awesome-existing-domain.com CN = www.your-new-domain.com [ req_ext ] subjectAltName = @alt_names [ alt_names ] DNS.1 = your-new-domain.com DNS.2 = www.your-new-domain.com
✎Make sure to update the CSR and key path for your installation.
Other Commands
- Check a Certificate Signing Request (CSR)
- openssl req -text -noout -verify -in valt.csr
- Check a certificate
- openssl x509 -in valt.cer -text -noout
- Check a private key
- openssl rsa -in valt.key -check
