<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 10/10/2017 05:40 PM, Jorge Novo
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAFeEHysN+tQ_t5w-=qge2Ot+r338TaYfYVqPBBMo45txFxx12Q@mail.gmail.com">
<div dir="ltr">
<div>
<div>Hi everyone,<br>
<br>
As most of us know, the Google Chrome Navigator ask about
Subject Alternative Name instead the Common Name.<br>
<br>
I want to distribute a little <i>openssl.cnf</i> file for
creation the CSR files with my specific values and establish
the Subject Alternative Name = Common Name. I want yo ask
about the CN and assign this value to SAN.<br>
<br>
</div>
This is my beta <i>openssl.cnf</i> file:<br>
<br>
*Sorry for the comments in Spanish</div>
<div><br>
</div>
<div>I do not how to set a variable (CN Variable) to assign to
SAN value.<br>
</div>
<div><i><br>
</i></div>
</div>
</blockquote>
<br>
In my limited knowledge, you can't copy the CN name into the SAN in
the configuration.<br>
Obvious yet clumsy workaround is to have a shell script ask for the
FQDN, set a shell variable with the CN value and then recall the ENV
variable from inside openssl.cnf, or you can have the script
dynamically write/edit opessl.cnf with the user-entered value.<br>
<br>
<blockquote type="cite"
cite="mid:CAFeEHysN+tQ_t5w-=qge2Ot+r338TaYfYVqPBBMo45txFxx12Q@mail.gmail.com">
<div dir="ltr">
<div><i><span style="font-family:monospace,monospace">--------------------------------
8< -------------------------------- 8<
-----------------------------------<br>
</span></i><span style="font-family:monospace,monospace">#<br>
# Este fichero genera los CSR de nuestros sistemas con los
paremetros<br>
# acordados.<br>
#<br>
# openssl genrsa -aes256 -out <a class="moz-txt-link-abbreviated" href="http://www.rra.lan.key">www.rra.lan.key</a> 2048 -config
opensslMiCasa.cnf<br>
#<br>
<br>
# Establecemos un directorio de trabajo, el actual para ser
exactos.<br>
<br>
dir = .<br>
<br>
[ req ]<br>
default_bits = 2048
# Size of keys<br>
default_keyfile = key.pem
# name of generated keys<br>
default_md = sha256
# message digest algorithm<br>
string_mask = nombstr
# permitted characters<br>
distinguished_name = req_distinguished_name<br>
req_extensions = v3_req<br>
<br>
[ req_distinguished_name ]<br>
# Variable name Prompt string<br>
#-------------------------
----------------------------------<br>
0.organizationName = Nombre de la Organizacion<br>
organizationalUnitName = Mi Casa
[Desarrollo|Infraestructuras|Laboratorio]<br>
emailAddress = Cuenta de Correo<br>
emailAddress_max = 64<br>
localityName = Localidad<br>
stateOrProvinceName = Comunidad Autónoma<br>
countryName = ISO 3166-1 Codigo de País<br>
countryName_min = 2<br>
countryName_max = 2<br>
commonName = Common Name<br>
<br>
# Default values for the above, for consistency and less
typing.<br>
# Variable name Value<br>
#------------------------
------------------------------<br>
0.organizationName_default = Mi Casa<br>
organizationalUnitName_default = Mi Casa Infraestructuras<br>
localityName_default = Madrid<br>
stateOrProvinceName_default = Comunidad de Madrid<br>
countryName_default = ES<br>
<br>
[ v3_req ]<br>
basicConstraints = CA:FALSE<br>
subjectKeyIdentifier = hash<br>
subjectAltName =<br>
<i><i>-------------------------------- </i></i><i><i><i><i>>8</i></i>
-------------------------------- >8
-----------------------------------</i></i></span></div>
</div>
</blockquote>
<br>
</body>
</html>