From 55390348dbc21f42904c0a76737a9d6e008c2d86 Mon Sep 17 00:00:00 2001 From: trimstray Date: Wed, 17 Jul 2019 13:38:14 +0200 Subject: [PATCH] update 'Generate CSR with -config param' - signed-off-by: trimstray --- README.md | 38 +++++++++++++++++++++++++++----------- 1 file changed, 27 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 2482bcf..1f5a215 100644 --- a/README.md +++ b/README.md @@ -2214,19 +2214,19 @@ openssl req -new -sha256 -key ${_fd} -out ${_fd_csr} \ -config <( cat <<-EOF [req] -default_bits = 2048 -prompt = no -default_md = sha256 -req_extensions = req_ext -distinguished_name = dn +default_bits = 2048 +default_md = sha256 +prompt = no +distinguished_name = dn +req_extensions = req_ext [ dn ] -C= -ST= -L= -O= -OU=
-CN= +C = "" +ST = "" +L = "" +O = "" +OU = "
" +CN = "" [ req_ext ] subjectAltName = @alt_names @@ -2239,6 +2239,22 @@ EOF )) ``` +Other values in `[ dn ]`: + + > Look at this great explanation: [How to create multidomain certificates using config files](https://apfelboymchen.net/gnu/notes/openssl%20multidomain%20with%20config%20files.html) + +``` +countryName = "DE" # C= +stateOrProvinceName = "Hessen" # ST= +localityName = "Keller" # L= +postalCode = "424242" # L/postalcode= +streetAddress = "Crater 1621" # L/street= +organizationName = "apfelboymschule" # O= +organizationalUnitName = "IT Department" # OU= +commonName = "example.com" # CN= +emailAddress = "webmaster@example.com" # CN/emailAddress= +``` + ###### List available EC curves ```bash