Self Sign Multiple Domain Cert

1. create the CA cert

openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt

2. create client req csr

openssl genrsa -des3 -out server.key 2048

*edit the openssl.conf

uncomment “req_extensions = v3_req”

in [ v3_req ] add

subjectAltName = @alt_names

add the end of the file

[ alt_names ]
DNS.1 = test.domain.com
DNS.2 = www1.domain.com

openssl req -new -key server.key -out server.csr

*create a config file “server.conf”

subjectAltName = @alt_names

[ alt_names ]

DNS.1 = test.domain.com
DNS.2 = www1.domain.com
openssl x509 -req -days 365 -in server.csr -CA ca.crt  -CAkey ca.key -set_serial 01 -extfile server.conf -out server.crt
Share

Leave a Reply