Generate Private Key and Self-Signed Cert with SAN
[ req ]
default_bits = 2048
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[ req_distinguished_name ]
C = MY
ST = Selangor
L = Shah Alam
O = ABC Ltd
OU = IT
CN = sub1.domainname.com
[ v3_req ]
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = sub1.domainname.com
DNS.2 = anotherdomain.com
- generate key and cert:
sh
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/new-key.key -out /etc/httpd/ssl/new-cert.crt -config san.cfg -extensions 'v3_req'