Hi Goetz, *,
> There is the man page x509v3_config.
> It should contain the info you need.
> A hint: x509v3_config describes data found in the openssl.cnf file.
> So this data is used on creating a certificate / CSR...
well I have created a certificate with all neccessary data. At least I think
Hi Serge,
| Use a wildcard domain for your CN
| Unless each domain had a separate IP
| You need to specify *.mydaomin.tld as the CN
so, my CN entry should look like this, if I get you right:
*.mydomain.tld
and the subdomains would get then kinda automically the certificate or will
I have to
Hi Goetz,
| It is called subjectAltName extension.
would you mind telling me how and where I have to define the AltName(s) ?
And still, how will I get my *.pem certificate converted into a .cer
certificate?
Thanks a lot
Niels
--
View this message in context:
http://www.nabble.com/Howto-cr
Hi,
well I have to create a certificate for our maindomian as well as for some
subdomains.
The structure will look pretty much like this:
mydomain.tld
mail.mydomain.tld
owa.mydomain.tld
...
Has anyone of you an idea how to get that done, so that the cert can finally
be imported/installed on t
Hi Javier, *,
Check the man pages (man req), the -x509 option is for a self signed cert
(root), while the -new option produces a new cert request (so you are asking
for conflicting tasks). In this case no request is needed because the it's
the root cert. Your config option is ok.
This way a r
Hi there,
I followed the instructions given in this HowTo:
http://www.dylanbeattie.net/docs/openssl_iis_ssl_howto.html
and came smooth and with no probs to the point where I should create a
master certificate using this command:
openssl req -config openssl.conf -new -x509 -days 1001 -key keys/