Difference between revisions of "Generate a CSR with SANs"
IVSWikiBlue (talk | contribs) |
IVSWikiBlue (talk | contribs) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | {{ | + | __TOC__ |
+ | {{Article | title = Generate a CSR with SANs | content = | ||
<ol> | <ol> | ||
<li> Connect to the Valt appliance via SSH</li> | <li> Connect to the Valt appliance via SSH</li> | ||
Line 37: | Line 38: | ||
{{Aside | content = Make sure to update the CSR and key path for your installation.}} | {{Aside | content = Make sure to update the CSR and key path for your installation.}} | ||
</ol> | </ol> | ||
+ | {{hr}} | ||
+ | ==Other Commands== | ||
+ | <dl> | ||
+ | <dt>Check a Certificate Signing Request (CSR)</dt> | ||
+ | <dd>{{Code Block - Mini | text = <span class="code_regex">openssl</span> req -text -noout -verify -in <span class="code_file">valt.csr</span>}}</dd> | ||
+ | <dt>Check a certificate</dt> | ||
+ | <dd>{{Code Block - Mini | text = <span class="code_regex">openssl</span> x509 -in <span class="code_file">valt.cer</span> -text -noout}}</dd> | ||
+ | <dt>Check a private key</dt> | ||
+ | <dd>{{Code Block - Mini | text = <span class="code_regex">openssl</span> rsa -in <span class="code_file">valt.key</span> -check}}</dd> | ||
+ | </dl> | ||
}} | }} |
Latest revision as of 11:32, 4 November 2024
Generate a CSR with SANs
- Connect to the Valt appliance via SSH
- Type in the following, and press Enter
- nano csr_details.conf
- Copy and paste the following into nano:
- Update the information to match your installation. This is the same information you would normally put in a CSR.
- Press CTRL + X
- Enter Y.
- Press Enter.
- Type in the following, and press Enter
- openssl req -new -sha256 -nodes -out valt.csr -newkey rsa:2048 -keyout valt.key -config csr_details.conf
✎Make sure to update the CSR with your information.
[req] default_bits = 2048 prompt = no default_md = sha256 req_extensions = req_ext distinguished_name = dn [ dn ] C=US ST=New York L=Rochester O=End Point OU=Testing Domain emailAddress=your-administrative-address@your-awesome-existing-domain.com CN = www.your-new-domain.com [ req_ext ] subjectAltName = @alt_names [ alt_names ] DNS.1 = your-new-domain.com DNS.2 = www.your-new-domain.com
✎Make sure to update the CSR and key path for your installation.
Other Commands
- Check a Certificate Signing Request (CSR)
- openssl req -text -noout -verify -in valt.csr
- Check a certificate
- openssl x509 -in valt.cer -text -noout
- Check a private key
- openssl rsa -in valt.key -check