Displaying 1 result from an estimated 1 matches for "x509v3_dnsname".
2002 Jan 31
7
x509 for hostkeys.
...lt;< 'EOF' > x509v3.cnf
CERTPATHLEN = 1
CERTUSAGE = digitalSignature,keyCertSign
CERTIP = 0.0.0.0
[x509v3_CA]
basicConstraints=critical,CA:true,pathlen:$ENV::CERTPATHLEN
keyUsage=$ENV::CERTUSAGE
[x509v3_IPAddr]
subjectAltName=IP:$ENV::CERTIP
[x509v3_DNSName]
subjectAltName=DNS:$ENV::CERTDNS
EOF
$ CERTDNS=myipaddr; export CERTDNS
$ openssl req -new -key /etc/ssh_host_rsa_key -out HOSTKEY.csr
$ openssl x509 -req -days 365 -in HOSTKEY.csr -CA ca.crt \
-CAkey ca.key -CAcreateserial \
-extfile x509v3.cnf -extensions x509v3_DNSName \
-out HOSTKEY.crt
$...