SANs対応済みでワイルドカードオレオレ証明書の作り方
過去の投稿はこちら
portaltan.hatenablog.com
portaltan.hatenablog.com
### 1. setting $ export name=server ### 2. create private key $ openssl genrsa 2048 > ${name}.key ### 3. create csr $ openssl req -new -key ${name}.key > ${name}.csr . . Common Name (eg, your name or your servers hostname) []:*.domain.com # 適宜修正 . . ### 4. create crt ## create extension file $ echo subjectAltName=DNS:*.domain.com > san.ext #適宜修正 ## generate crt $ openssl x509 -days 3650 -req -signkey ${name}.key < ${name}.csr > ${name}.crt -extfile san.ext ### 5. confirm ### confirm(csrファイル) $ openssl req -text -noout -in ${name}.csr ### confirm(crtファイル) $ openssl x509 -text -noout -in ${name}.crt (### convert der file) $ openssl x509 -in ${name}.crt -outform DER -out ${name}.der