From 55390348dbc21f42904c0a76737a9d6e008c2d86 Mon Sep 17 00:00:00 2001
From: trimstray <trimstray@gmail.com>
Date: Wed, 17 Jul 2019 13:38:14 +0200
Subject: [PATCH] update 'Generate CSR with -config param' - signed-off-by:
 trimstray <trimstray@gmail.com>

---
 README.md | 38 +++++++++++++++++++++++++++-----------
 1 file changed, 27 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 2482bcf..1f5a215 100644
--- a/README.md
+++ b/README.md
@@ -2214,19 +2214,19 @@ openssl req -new -sha256 -key ${_fd} -out ${_fd_csr} \
 -config <(
 cat <<-EOF
 [req]
-default_bits = 2048
-prompt = no
-default_md = sha256
-req_extensions = req_ext
-distinguished_name = dn
+default_bits        = 2048
+default_md          = sha256
+prompt              = no
+distinguished_name  = dn
+req_extensions      = req_ext
 
 [ dn ]
-C=<two-letter ISO abbreviation for your country>
-ST=<state or province where your organization is legally located>
-L=<city where your organization is legally located>
-O=<legal name of your organization>
-OU=<section of the organization>
-CN=<fully qualified domain name>
+C   = "<two-letter ISO abbreviation for your country>"
+ST  = "<state or province where your organisation is legally located>"
+L   = "<city where your organisation is legally located>"
+O   = "<legal name of your organisation>"
+OU  = "<section of the organisation>"
+CN  = "<fully qualified domain name>"
 
 [ req_ext ]
 subjectAltName = @alt_names
@@ -2239,6 +2239,22 @@ EOF
 ))
 ```
 
+Other values in `[ dn ]`:
+
+  > Look at this great explanation: [How to create multidomain certificates using config files](https://apfelboymchen.net/gnu/notes/openssl%20multidomain%20with%20config%20files.html)
+
+```
+countryName            = "DE"                     # C=
+stateOrProvinceName    = "Hessen"                 # ST=
+localityName           = "Keller"                 # L=
+postalCode             = "424242"                 # L/postalcode=
+streetAddress          = "Crater 1621"            # L/street=
+organizationName       = "apfelboymschule"        # O=
+organizationalUnitName = "IT Department"          # OU=
+commonName             = "example.com"            # CN=
+emailAddress           = "webmaster@example.com"  # CN/emailAddress=
+```
+
 ###### List available EC curves
 
 ```bash