Sonderfall mehrere Servernamen im ZertifikatWechsle in Dein Home-Verzeichnis und führe folgenden Befehl aus: openssl genrsa -out meinserver.key 2048
lege jetzt dort eine Datei [req] distinguished_name = req_distinguished_name req_extensions = v3_req default_md = sha256 [req_distinguished_name] countryName = Country Name (2 letter code) countryName_default = DE stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = NRW localityName = Locality Name (eg, city) localityName_default = Aachen organizationName = Deine Firma organizationName_default = Lug & Trug GmbH organizationalUnitName = Organizational Unit Name (eg, section) organizationalUnitName_default = ITAbteilung commonName = Dein Servername commonName_default = DICKEBERTA emailAddress_default = ich@lugundtrug.de emailAddress = Mailadresse postalCode_default = 12345 postalCode = PostalCode streetAddress_default = Sackgasse 99 streetAddress = Strasze commonName_max = 64 [ v3_req ] # Extensions to add to a certificate request basicConstraints = CA:FALSE subjectAltName = @alt_names extendedKeyUsage = serverAuth, clientAuth, codeSigning, emailProtection keyUsage = nonRepudiation, digitalSignature, keyEncipherment [alt_names] DNS.1 = dickeBerta DNS.2 = dickeBerta.dom.ain DNS.3 = fetterServer DNS.4 = fetterServer.dom.ain IP.1 = 192.168.10.11 IP.2 = 123.456.789.123 dann muss die CSR-Datei erstellt werden mit: openssl req -new -nodes -sha512 -days 3650 -out meinSrv.csr -key meinsrv.key -config meinserver.conf
openssl req -in meinSrv.csr -noout -text
|