| Alex | f59c739 | 2022-04-18 19:10:14 -0500 | [diff] [blame] | 1 | # OpenSSL configuration file for creating a CSR for a server certificate |
| 2 | # Adapt at least the FQDN and ORGNAME lines, and then run |
| 3 | # openssl req -new -config myserver.cnf -keyout myserver.key -out myserver.csr |
| 4 | # on the command line. |
| 5 | |
| 6 | # the fully qualified server (or service) name |
| 7 | FQDN = mirantis.com |
| 8 | |
| 9 | # the name of your organization |
| 10 | # (see also https://www.switch.ch/pki/participants/) |
| 11 | ORGNAME = Mirantis Inc |
| 12 | |
| 13 | # subjectAltName entries: to add DNS aliases to the CSR, delete |
| 14 | # the '#' character in the ALTNAMES line, and change the subsequent |
| 15 | # 'DNS:' entries accordingly. Please note: all DNS names must |
| 16 | # resolve to the same IP address as the FQDN. |
| 17 | ALTNAMES = DNS:$FQDN # , DNS:bar.example.org , DNS:www.foo.example.org |
| 18 | |
| 19 | # --- no modifications required below --- |
| 20 | [ req ] |
| 21 | default_bits = 2048 |
| 22 | default_md = sha256 |
| 23 | prompt = no |
| 24 | encrypt_key = no |
| 25 | distinguished_name = dn |
| 26 | req_extensions = req_ext |
| 27 | |
| 28 | [ dn ] |
| 29 | C = CH |
| 30 | O = $ORGNAME |
| 31 | CN = $FQDN |
| 32 | |
| 33 | [ req_ext ] |
| 34 | subjectAltName = $ALTNAMES |