Closed titansmc closed 4 years ago
Sure, this can be added by an additional parameter on the commandline. I will try do implement this in the coming week
I investigated this today and it seems that this implies a rewrite of the generation system. As far as I know it is only possible to specify alt names for openssl by using a config file.
Currently all certificate attributes are submitted using the cli interface of openssl, which does not have any options for this.
right, this what I've noticed too. I am not sure how we should approach it, but definitely specifying altnames should be easy, at least we need the cert to be valid for domain.com and www.domain.com most of the times.... We also need to base a CSR on a config file because we are adding domains to this config file (we are constantly adding altnames on the Load Balancer) Maybe we could add an option to generate a openssl config file, and then a different option to generate CSR given a specific openssl conf file.
Missatge de Heiko Carrasco notifications@github.com del dia dl., 15 d’oct. 2018 a les 10:07:
I investigated this today and it seems that this implies a rewrite of the generation system. As far as I know it is only possible to specify alt names for openssl by using a config file.
Currently all certificate attributes are submitted using the cli interface of openssl, which does not have any options for this.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Miterion/dfnclient/issues/6#issuecomment-429747423, or mute the thread https://github.com/notifications/unsubscribe-auth/AH0AYIIio53ww5I0RaIGO7E2DmS0HF1Eks5ulEJBgaJpZM4XVdlE .
I talked with my supervisor about this and we think that it would be the best idea to switch completely to openssl config files. Will but this on the to do list
I think it is already implemented. Closing it.
I have a certificate in the load balancer that has several altnames that I would like to add. Is that possible?