[openssl-users] Personal CA: are cert serial numbers critical?
rgm at htt-consult.com
Wed Aug 16 17:54:55 UTC 2017
On 08/16/2017 01:12 PM, Viktor Dukhovni wrote:
>> On Aug 16, 2017, at 12:52 PM, Robert Moskowitz <rgm at htt-consult.com> wrote:
>> Which is also a problem in openssl. You have to put the SAN into the cnf file. There are a number of hacks to do this from the command line.
> Yep. For an approach that uses "bash" in-line files see:
I prefer something like this:
openssl req -new -sha256 -key domain.key -subj "/C=US/ST=CA/O=Acme,
-reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf
More information about the openssl-users