[openssl-users] openssl.cnf asking Subject Alternative Names certificates.

Jorge Novo jnovonj at gmail.com
Tue Oct 10 15:40:42 UTC 2017 

Hi everyone,

  As most of us know, the Google Chrome Navigator ask about Subject
Alternative Name instead the Common Name.

I want to distribute a little *openssl.cnf* file for creation the CSR files
with my specific values and establish the Subject Alternative Name = Common
Name. I want yo ask about the CN and assign this value to SAN.

This is my beta *openssl.cnf* file:

*Sorry for the comments in Spanish

I do not how to set a variable (CN Variable) to assign to SAN value.


*-------------------------------- 8< -------------------------------- 8<
-----------------------------------*#
# Este fichero genera los CSR de nuestros sistemas con los paremetros
# acordados.
#
# openssl genrsa -aes256 -out www.rra.lan.key 2048 -config opensslMiCasa.cnf
#

# Establecemos un directorio de trabajo, el actual para ser exactos.

dir                             = .

[ req ]
default_bits                    = 2048                          # Size of
keys
default_keyfile                 = key.pem                       # name of
generated keys
default_md                      = sha256                        # message
digest algorithm
string_mask                     = nombstr                       # permitted
characters
distinguished_name              = req_distinguished_name
req_extensions                  = v3_req

[ req_distinguished_name ]
# Variable name                         Prompt string
#-------------------------        ----------------------------------
0.organizationName              = Nombre de la Organizacion
organizationalUnitName          = Mi Casa
[Desarrollo|Infraestructuras|Laboratorio]
emailAddress                    = Cuenta de Correo
emailAddress_max                = 64
localityName                    = Localidad
stateOrProvinceName             = Comunidad Autónoma
countryName                     = ISO 3166-1 Codigo de País
countryName_min                 = 2
countryName_max                 = 2
commonName                      = Common Name

# Default values for the above, for consistency and less typing.
# Variable name                         Value
#------------------------         ------------------------------
0.organizationName_default      = Mi Casa
organizationalUnitName_default  = Mi Casa Infraestructuras
localityName_default            = Madrid
stateOrProvinceName_default     = Comunidad de Madrid
countryName_default             = ES

[ v3_req ]
basicConstraints                = CA:FALSE
subjectKeyIdentifier            = hash
subjectAltName                  =
*-------------------------------- **>8 -------------------------------- >8
-----------------------------------*


---

SALUDE3.

http://www.rodeiroag.es/
http://soloeningles.blogspot.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171010/f94da4f0/attachment-0001.html>

More information about the openssl-users mailing list