PeculiarVentures / csrhelp

csrhelp.peculiarventures.com - A site that helps users generate SSL certificate requests (Keywords: WebCrypto, PKIjs, PKCS#10, CSR)
MIT License

Add support for multiple host names in each request #12

Open rmhrisk opened 8 years ago

rmhrisk commented 8 years ago

Right now the form only supports a single host name provided in the subject CN field.

We can support multiple hostnames using Chips (https://material.angularjs.org/latest/demo/chips). Chips would only be created when the value validates as a host name.

This would look something like this: image

https://certsimple.com does something similar to this if you want to see an example.

We would use the following logic:

- First domain name goes into the Subject CN
- First domain name is used as the file name
- If the function (for example the ANY function) does not support multiple domain names and multiple were provided, it would hide itself.

OpenSSL

echo [ req ]>host.example.com.cfg
echo prompt=no>>host.example.com.cfg
echo distinguished_name=req_distinguished_name>>host.example.com.cfg
echo req_extensions=req_ext>>host.example.com.cfg
echo [ req_distinguished_name ]>>host.example.com.cfg
echo CN = host.example.com>>host.example.com.cfg
echo [ req_ext ]>>host.example.com.cfg
echo subjectAltName=@alt_names>>host.example.com.cfg
echo [alt_names]>>host.example.com.cfg
echo DNS.1=host1.example.com>>host.example.com.cfg
echo DNS.2=host2.example.com>>host.example.com.cfg
echo DNS.3=host3.example.com>>host.example.com.cfg
openssl req -new -newkey rsa:2048 -nodes -out host.example.com.csr -keyout host.example.com.key -config host.example.com.cfg

F5 BigIP

create sys crypto key host.example.com key-size 2048 gen-csr country "US" state "WA" city "Woodinville" organization "Peculiar Ventures, Inc" ou "Engineering" common-name "host.example.com" subject-alternative-name "DNS:host1.example.com, DNS:host2.example.com"

Java Keytool

keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore host.example.com.jks -dname "C=US,ST=WA,L=Woodinville,O=Peculiar Ventures\, Inc,OU=Engineering,CN=host.example.com" && keytool -certreq -alias server -file host.example.com.csr -keystore host.example.com.jks -ext "SAN=dns:host1.example.com,dns:host2.example.com"

IIS

echo [NewRequest] >csrparams.inf
echo Subject="C=US,ST=WA,L=Woodinville,O=Peculiar Ventures, Inc,OU=Engineering,CN=host.example.com">>csrparams.inf
echo KeySpec=1 >>csrparams.inf
echo KeyLength=2048 >>csrparams.inf
echo Exportable=TRUE >>csrparams.inf
echo MachineKeySet=TRUE >>csrparams.inf
echo SMIME=False >>csrparams.inf
echo PrivateKeyArchive=FALSE >>csrparams.inf
echo UserProtected=FALSE >>csrparams.inf
echo UseExistingKeySet=FALSE >>csrparams.inf
echo ProviderName="Microsoft RSA SChannel Cryptographic Provider" >>csrparams.inf
echo ProviderType=12 >>csrparams.inf
echo RequestType=PKCS10 >>csrparams.inf
echo KeyUsage=0xa0 >>csrparams.inf
echo Silent=TRUE >>csrparams.inf
echo [EnhancedKeyUsageExtension] >>csrparams.inf
echo OID=1.3.6.1.5.5.7.3.1 >>csrparams.inf
echo [RequestAttributes] >>csrparams.inf
echo SAN="dns=host.example.com&dns=host1.example.com" >>csrparams.inf
certreq -new csrparams.inf host.example.com.csr

Exchange 2007

New-ExchangeCertificate -GenerateRequest -Path .\host.example.com.csr -KeySize 2048 -SubjectName "cn=host.example.com" -DomainName host1.example.com, host2.example.com -PrivateKeyExportable $True

Exchange 2010

Set-Content -path ".\host.example.com.csr" -Value (New-ExchangeCertificate -GenerateRequest -KeySize 2048 -SubjectName "cn=host.example.com" -DomainName host1.example.com, host2.example.com -PrivateKeyExportable $True)

rmhrisk commented 8 years ago

To add a SAN extension in the "ANY" example it would be similar to this:

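// `data`, `extensions` and `pkcs10_simpl` are expected to be defined by the
// surrounding request-building code.
var altNames = new org.pkijs.simpl.GENERAL_NAMES({
    names: [
        new org.pkijs.simpl.GENERAL_NAME({
            NameType: 2, // dNSName (1 would be rfc822Name)
            Name: data.dns
        })
    ]
});

// Add the SAN list as a non-critical subjectAltName extension
extensions.extensions_array.push(new org.pkijs.simpl.EXTENSION({
    extnID: "2.5.29.17", // subjectAltName
    critical: false,
    extnValue: altNames.toSchema().toBER(false)
}));

// Carry the requested extensions in the CSR as an extensionRequest attribute
var attribute = new org.pkijs.simpl.ATTRIBUTE({
    type: "1.2.840.113549.1.9.14", // pkcs-9-at-extensionRequest
    values: [extensions.toSchema()]
});

pkcs10_simpl.attributes.push(attribute);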
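
Added example, not part of the original issue or the csrhelp code: one way to implement the "only create a chip when the value validates as a host name" rule and the first-name-is-CN logic, then render the OpenSSL config from the validated list. All function names are hypothetical. It assumes dotted names only, a wildcard only as the whole left-most label, and that the CN name is repeated in the SAN list, since clients that follow RFC 6125 match on subjectAltName when it is present.

```javascript
// One DNS label: 1-63 chars, letters/digits/hyphen, no leading or trailing hyphen.
const LABEL = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/;

// Returns the normalized host name, or null if it must not become a chip.
function normalizeHostName(input) {
  const name = String(input).trim().toLowerCase().replace(/\.$/, "");
  if (name.length === 0 || name.length > 253) return null;
  const labels = name.split(".");
  // An all-numeric last label is an IP address, which is not a dNSName.
  if (/^\d+$/.test(labels[labels.length - 1])) return null;
  // Allow a wildcard only as the complete left-most label.
  const rest = labels[0] === "*" ? labels.slice(1) : labels;
  if (rest.length < 2) return null;              // rejects "localhost" and "*.com"
  // Strict label check also keeps newlines, "=", "[" and "&" out of generated commands.
  return rest.every((l) => LABEL.test(l)) ? name : null;
}

// Applies the issue's rules: first valid name -> Subject CN and file name.
function planRequest(inputs) {
  const names = [];
  const rejected = [];
  for (const raw of inputs) {
    const n = normalizeHostName(raw);
    if (n === null) rejected.push(raw);
    else if (!names.includes(n)) names.push(n);  // drop duplicates
  }
  if (names.length === 0) throw new Error("no valid host name supplied");
  const fileBase = names[0].replace(/^\*\./, "wildcard."); // "*" is unsafe in file names
  return { commonName: names[0], fileBase, sanNames: names, rejected };
}

// Renders an OpenSSL config with the same sections as the OpenSSL example above.
function toOpenSslConfig(plan) {
  return [
    "[ req ]", "prompt=no", "distinguished_name=req_distinguished_name",
    "req_extensions=req_ext", "[ req_distinguished_name ]",
    "CN = " + plan.commonName, "[ req_ext ]", "subjectAltName=@alt_names",
    "[alt_names]",
    ...plan.sanNames.map((n, i) => "DNS." + (i + 1) + "=" + n),
  ].join("\n") + "\n";
}

// Constructed sample input: two valid names, a duplicate, and a config-injection attempt.
const samplePlan = planRequest(["Host.Example.com", "host1.example.com",
  "host.example.com.", "x.example.com\n[ req ]"]);
console.log(toOpenSslConfig(samplePlan), "rejected:", samplePlan.rejected.length);
```

A function that cannot take multiple names can check `sanNames.length > 1` on the plan to decide whether to hide itself.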